I am getting the following error when i load an ASP page that calls a stored procedure from SQL 2000 with a parameter used at the point of loading the ASP page.
have i made a schoolboy error? and how do i fix this?
error
Microsoft VBScript compilation error '800a0408'
Invalid character
/simon/stock_test.asp, line 6
declare #serial varchar(255)
--------^
and the page is stock_test.asp?ID=980028001365274
<!--#include file="includes/functions_test.asp"-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<%
declare #serial varchar(255)
set #serial = Request.QueryString("ID")
Call OpenDB()
Call OpenRecordSet(stock, "Exec sp_report_simon_test #serial")
%>
<html lang="EN">
<head>
<title>Stock</title>
</head>
<body>
<table id="test">
<tr>
<td><b>Make</b></td>
<td><b>Model</b></td>
<td><b>Serial</b></td>
</tr>
<%DO WHILE NOT stock.EOF%>
<tr>
<td><%=stock.Fields("Make").value %></td>
<td><%=stock.Fields("Model").value %></td>
<td><%=stock.Fields("serial_number").value %></td>
</tr>
<%
stock.MoveNext
LOOP
%>
</table>
<%
Call CloseRecordSet(stock)
Call CloseDB()
%>
</body>
</html>
functions file
<%
response.Charset="utf-8"
Session.lcid = 2057
Response.Buffer = False
Server.ScriptTimeout=200
Dim dbConn
Function OpenDB()
Set dbConn = Server.CreateObject("ADODB.Connection")
dbConn.Open "Driver={SQL Server}; Server=server_name; Database=db_name; UID=username; PWD=password; Option=4"
End Function
Function CloseDB()
If ucase(TypeName(dbConn)) = "OBJECT" Then
dbConn.Close
Set dbConn = Nothing
End If
End Function
Function OpenRecordSet(RecSet, SqlQuery)
Set RecSet = Server.CreateObject("ADODB.Recordset")
Set RecSet = dbConn.Execute(SqlQuery)
End Function
Function CloseRecordSet(RecSet)
RecSet.Close
Set RecSet = Nothing
End Function
Function ProcessSql(Sql, Page)
Call OpenDB()
dbConn.Execute(Sql)
Call CloseDB()
If Len(Page) > 0 Then
Response.Redirect(Page)
End If
End Function
Function Encode(DirtyText)
Dim CleanText
Cleantext = Server.HtmlEncode(DirtyText)
CleanText = Replace(CleanText, "'", "''")
CleanText = Replace(CleanText, vbCrLf, "<br>")
Encode = CleanText
End Function
Function mySqlDate(rawDate)
Dim dateString
dateString = DatePart("yyyy", cdate(rawDate))
dateString = dateString & "-" & DatePart("m", cdate(rawDate))
dateString = dateString & "-" & DatePart("d", cdate(rawDate))
mySqlDate = dateString
End Function
Function GetMonthName(monthId)
Dim monthNames
monthNames = Array("January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December")
GetMonthName = monthNames(monthId -1)
End Function
Function CheckQueryString(Qstring, QName, Page)
If Not Len(QString) = 0 AND Len(QString) < 6 AND IsNumeric(QString) Then
QName = QString
Else
Response.redirect(Page)
End If
End Function
%>
It's commendable that you try to use SQL parameters, but they don't work this way in ASP. It should be self-evident that you cannot simply drop SQL into your ASP code.
Use a Command object instead.
Dim stock, serialVal
OpenDB()
serialVal = Request.QueryString("serial")
If serialVal = "" Then serialVal = vbNull
With Server.CreateObject("ADODB.Command")
Set .ActiveConnection = dbConn
.CommandText = "sp_report_simon_test"
.CommandType = adCmdStoredProc
.Parameters.Append .CreateParameter("#serial", adVarChar, adParamInput, 30, serialVal)
Set stock = .Execute
End With
Docs:
MSDN: Command Object (ADO)
MSDN: Parameters Collection (ADO)
MSDN: CreateParameter Method (ADO)
To be able to use constants like adCmdStoredProc directly in the VBScript code they must be made available by referencing their type library at the top of your ASP page.
For Windows 7/Windows Server 2008 and up, use version 6.1:
<!--metadata
type="TypeLib"
name="Microsoft ActiveX Data Objects 6.1 Library"
uuid="B691E011-1797-432E-907A-4D8C69339129"
version="6.1"-->
For earlier versions (Windows XP/Windows Server 2003), use version 2.8:
<!--metadata
type="TypeLib"
name="Microsoft ActiveX Data Objects 2.8 Library"
uuid="2A75196C-D9EB-4129-B803-931327F72D5C"
version="2.8"-->
Related
There is a code for filtering fields from a query (fname, lname and location) into a DataGridView:
Dim DV As New DataView(dbdataset1)
DV.RowFilter = String.Format("fname like '%" & Me.tbSearch.Text.Trim & "%'")
DataGridView.DataSource = dbdataset1
The filter can find lname, location but not fname:
here is the screen shot of the populated fields
As for the DataGridView element I can tell you're on ASP.NET 2.0 or below. Anyway, I got it working on ASP.NET 4.7 like this:
ASPX file:
<%# Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:GridView ID="GridView1" runat="server"></asp:GridView>
</div>
<asp:TextBox ID="tbSearch" runat="server"></asp:TextBox>
<asp:Button ID="btnSearch" runat="server" Text="Search" />
</form>
</body>
</html>
Code behind (VB.Net):
Imports System.Data
Partial Class _Default
Inherits System.Web.UI.Page
Private Sub form1_Load(sender As Object, e As EventArgs) Handles form1.Load
End Sub
Private Sub btnSearch_Click(sender As Object, e As EventArgs) Handles btnSearch.Click
Dim dbdataset1 As New DataTable
Dim dr As DataRow
dbdataset1.Columns.Add("fname")
For i As Integer = 1 To 3
dr = dbdataset1.NewRow()
dr("fname") = "picture" + i.ToString()
dbdataset1.Rows.Add(dr)
Next
For i As Integer = 1 To 3
dr = dbdataset1.NewRow()
dr("fname") = "document" + i.ToString()
dbdataset1.Rows.Add(dr)
Next
Dim DV As New DataView(dbdataset1)
DV.RowFilter = String.Format("fname like '%" & Me.tbSearch.Text.Trim & "%'")
Me.GridView1.DataSource = DV
Me.GridView1.DataBind()
End Sub
End Class
Just replace my GridView1 with your DataGrdiView.
UPDATE:
So the filter was fixed by the user deleting and adding the Texbox control again into the form.
I am supporting an old Classic ASP application and I've read that the code we write within <% %> is VBScript and <% Response.Write "VBScript" %> is working fine , but when I write in the following format, Response.Write is not working
<SCRIPT LANGUAGE="VBScript">
Response.Write "VBScript"
</SCRIPT>
also Response.Write is not getting executed in an button click event
<SCRIPT LANGUAGE="VBScript" >
function B3_OnClick()
FORM1.T3.style.backgroundColor = "white"
FORM1.T4.style.backgroundColor = "white"
FORM1.T3.readOnly ="false"
FORM1.T4.readOnly ="false"
FORM1.style.backgroundColor = "white"
Response.Write("Hello World")
End function
</SCRIPT>
Can Anyone explain me why? Is there any substitute for Response.Write in that case..? Thanks in advance
This is because you are missing the runat="Server" attribute in the <script> tag.
<SCRIPT LANGUAGE="VBScript" runat="Server">
Response.Write "VBScript"
</SCRIPT>
Remember VBScript accessed through Classic ASP happens before the response is sent to the client. For an action such as clicking a button on the client to affect the server-side code it has to make a round-trip to the server. If you want to have server-side code affect client-side code you can inject code before returning a server response to the client.
<SCRIPT LANGUAGE="VBScript" >
function B3_OnClick()
FORM1.T3.style.backgroundColor = "white"
FORM1.T4.style.backgroundColor = "white"
FORM1.T3.readOnly ="false"
FORM1.T4.readOnly ="false"
FORM1.style.backgroundColor = "white"
MsgBox "<% Response.Write("Hello World") %>"
End function
</SCRIPT>
Useful Links
Answer to Access client variable within server-tags in vbscript
Answer to what's the difference between <% %> and in classic asp?
I have a user control in ext.net and a hidden field inside it which is "__DataForAddingToOutlook". This field is filled using xml writer so it has xml.
We have a functionality to add data to outlook and sync to outlook for which I am using direct methods. As soon as I call direct method I get the error
"A potentially dangerous Request.Form value was detected from the client (cms_cpMain_winAddContactsToOutlook___DataForAddingToOutlook="
The field is filled like-
Private Sub ExportToControl()
Dim oXMLWriter As XmlTextWriter = Nothing
Dim oStream As MemoryStream = Nothing
oStream = New MemoryStream()
oXMLWriter = New XmlTextWriter(oStream, Encoding.UTF8)
ReadData(oXMLWriter)
'
Dim stream_reader As New StreamReader(oStream)
oStream.Seek(0, SeekOrigin.Begin)
__DataForAddingToOutlook.Value = stream_reader.ReadToEnd()
End Sub
Can anyone help.
Try to set ValidateRequest="false" in Page tag:
<%# Page Title="" ValidateRequest="false" Language="C#" MasterPageFile="~/Site.master" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="Default" %>
I'm using a Telerik radGrid to display data, including address. I want to be able to insert new, or Edit an existing address. To this end, I wish to use Cascading comboboxes which would prepopulate the next, ie country_onselectedindexchanged populates Province/State, etc.
My issue is that whenever I click on Country, I can see in the step-through that my Province/State combo is populated, but then a postback occurs and my Grid_itemdatabound event fires and the initial data is repopulated again.
I have an account on the Telerik site, but last time I posted a question it took a week to get a response.
<telerik:RadGrid ID="RecipientsGrid" runat="server" AutoGenerateColumns="false" EnableViewState="true" PageSize="5"
AllowFilteringByColumn="true" AllowPaging="true" AllowSorting="True">
<ClientSettings EnablePostBackOnRowClick="true">
<Selecting AllowRowSelect="true" />
</ClientSettings>
<MasterTableView CommandItemDisplay="Bottom" DataKeyNames="RecipientOrganizationID" EditMode="EditForms" >
<EditFormSettings EditFormType="Template">
<FormTemplate>
<telerik:RadComboBox ID="CountryCombo" runat="server" DataTextField="CountryName" DataValueField="CountryID"
OnSelectedIndexChanged="CountryCombo_SelectedIndexChanged" AutoPostBack="true">
</telerik:RadComboBox>
<telerik:RadComboBox ID="ProvinceCombo" runat="server" Width="325" EnableLoadonDemand="true" OnSelectedIndexChanged="ProvinceCombo_SelectedIndexChanged" AutoPostBack="true" >
</telerik:RadComboBox>
</FormTemplate>
</EditFormSettings>
</MasterTableView>
</telerik:RadGrid>
Private Sub RecipientsGrid_NeedDataSource(sender As Object, e As Telerik.Web.UI.GridNeedDataSourceEventArgs) Handles RecipientsGrid.NeedDataSource
Dim ctx As New DataEntities
RecipientsGrid.DataSource = ctx.RecipientOrganizations.ToList
AddOrganizationButton.Visible = False
RecipientOrganizationComboBox.Visible = False
End Sub
Private Sub RecipientsGrid_ItemDataBound(sender As Object, e As Telerik.Web.UI.GridItemEventArgs) Handles RecipientsGrid.ItemDataBound
If TypeOf e.Item Is GridEditableItem AndAlso e.Item.IsInEditMode Then
Dim editedItem As GridEditableItem = TryCast(e.Item, GridEditableItem)
If e.Item.OwnerTableView.IsItemInserted Then
Dim CountryCombo As RadComboBox = TryCast(editedItem.FindControl("CountryCombo"), RadComboBox)
Dim ProvinceCombo As RadComboBox = TryCast(editedItem.FindControl("ProvinceCombo"), RadComboBox)
Dim CityCombo As RadComboBox = TryCast(editedItem.FindControl("CityCombo"), RadComboBox)
LoadCountries(CountryCombo)
Else
End If
End If
End Sub
Protected Sub CountryCombo_SelectedIndexChanged(ByVal sender As Object, ByVal e As RadComboBoxSelectedIndexChangedEventArgs)
Dim CountryCombo As RadComboBox = DirectCast(sender, RadComboBox)
Dim editedItem As GridEditableItem = DirectCast(TryCast(sender, RadComboBox).NamingContainer, GridEditableItem)
Dim ProvinceCombo As RadComboBox = DirectCast(editedItem.FindControl("ProvinceCombo"), RadComboBox)
LoadProvinces(e.Value, ProvinceCombo)
End Sub
Protected Sub ProvinceCombo_SelectedIndexChanged(ByVal sender As Object, ByVal e As RadComboBoxSelectedIndexChangedEventArgs)
Dim ProvinceCombo As RadComboBox = DirectCast(sender, RadComboBox)
Dim editedItem As GridEditableItem = DirectCast(TryCast(sender, RadComboBox).NamingContainer, GridEditableItem)
Dim CityCombo As RadComboBox = DirectCast(editedItem.FindControl("CityCombo"), RadComboBox)
LoadCities(e.Value, CityCombo)
End Sub
Protected Sub LoadCountries(ByVal Control As RadComboBox)
Using context As New DataEntities
With Control
.DataValueField = "CountryId"
.DataTextField = "CountryName"
.DataSource = context.Countries.OrderBy(Function(x) x.displayOrder).ToList
End With
Control.Width = Unit.Pixel(320)
Control.DataBind()
End Using
End Sub
Protected Sub LoadProvinces(ByVal countryID As Integer, ByVal Control As RadComboBox)
Using context As New DataEntities
With Control
.DataValueField = "ProvinceId"
.DataTextField = "NameEnglish"
.DataSource = context.Provinces.Where(Function(x) x.CountryId = countryID).OrderBy(Function(x) x.NameEnglish).ToList
End With
Control.Width = Unit.Pixel(320)
Control.DataBind()
End Using
End Sub
Protected Sub LoadCities(ByVal ProvinceId As Integer, ByVal Control As RadComboBox)
Using context As New DataEntities
With Control
.DataValueField = "CityId"
.DataTextField = "CityName"
.DataSource = context.Cities.Where(Function(x) x.ProvinceID = ProvinceId).OrderBy(Function(x) x.CityName).ToList
End With
Control.Width = Unit.Pixel(320)
Control.DataBind()
End Using
End Sub
Public Sub SetComboBoxDefault(ByVal FindItemByValue As Integer, ByVal Control As RadComboBox, ByVal DisplayText As String)
Dim ComboBoxItem As RadComboBoxItem
If FindItemByValue > 0 Then
ComboBoxItem = Control.FindItemByValue(FindItemByValue)
If ComboBoxItem IsNot Nothing Then
ComboBoxItem.Selected = True
Else
Control.Items.Insert(0, New RadComboBoxItem("-- Please select a " & DisplayText & " --", String.Empty))
End If
Else
Control.Items.Insert(0, New RadComboBoxItem("-- Please select a " & DisplayText & " --", String.Empty))
End If
End Sub
Posting this here because I don't believe I have enough rep to comment. Usually when I have this issue, it's because I have a binding event of some sort on my RadComboBox in Page_Load that isn't wrapped in a If Not IsPostBack. Try something like this:
Sub Page_Load
If Not IsPostBack
RadComboBox.DataSource = foo;
RadComboBox.DataBind();
End If
End Sub
Hope this helps.
I am building my own HtmlHelper extensions for standard DropDownLists that appear on many of my views. On other elements I use "EditorFor" and razor generates the proper element "name" attribute for me since that is important for it to be bound to the model correctly. How would I get the correct name in my View so that my Helpers name the element appropriately?
Currently my view code looks like this, but I'd rather not hardcode the element name if I can avoid it.
<tr>
<td class="editor-label">
County:
</td>
<td class="editor-field">
#Html.CountyDropDown("CountyID")
</td>
</tr>
Here is my extension code (Which returns the list of Counties based on the current user's region):
<Extension()> _
Public Function CountyDropDown(ByVal html As HtmlHelper, ByVal name As String) As MvcHtmlString
Dim db As New charityContainer
Dim usvm As New UserSettingsViewModel
Dim ddl As IEnumerable(Of SelectListItem)
ddl = (From c In db.Counties Where c.RegionId = usvm.CurrentUserRegionID
Select New SelectListItem() With {.Text = c.Name, .Value = c.Id})
Return html.DropDownList(name, ddl)
End Function
I'm a dummy I already knew how to do this:
1) Gave my Id value a UIHint in the ViewModel like so:
<UIHint("County")>
Public Property CountyId As Nullable(Of Integer)
2) Changed my View to just use EditorFor like this:
<td class="editor-field">
#Html.EditorFor(Function(x) x.CountyId)
</td>
3) Made a "County.vbhtml" partial-view in my EditorTemplates folder:
#ModelType Nullable(Of Integer)
#Html.DropDownList("", Html.CountySelectList(Model))
4) Returned just an IEnumerable(Of SelectListItem) from my helper, not the entire drop down html:
Public Function CountySelectList(Optional ByVal selectedId As Nullable(Of Integer) = 0) As IEnumerable(Of SelectListItem)
Dim db As New charityContainer
Dim usvm As New UserSettingsViewModel
Dim CurrentUserRegionID = usvm.CurrentUserRegionID
Dim ddl As IEnumerable(Of SelectListItem)
ddl = (From c In db.Counties Where c.RegionId = CurrentUserRegionID
Select New SelectListItem() With {.Text = c.Name, .Value = c.Id, .Selected = If(c.Id = selectedId, True, False)})
Return ddl
End Function