473,791 Members | 2,807 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Assistance with ASP Redirect

Hello,

The database I'm working with has these 2 fields:

- "CD", which stands for "Consolidat ed Design Number" (not Compact
DISC)

and

- "URL", which is the full URL (http://...)

Users need to be able to type a CD number into a form text box and,
upon submission, be redirected to a non-database-driven html index
(home page) for all the info associated with that paricular CD. A
drop-down might be simpler, but it would be way too long since there
are many, many numbers.

Here's what I have. Can't seem to get it to work.

Any assistance would be very much appreciated. Thanks!

<%
sDSN = "Driver={Micros oft Access Driver
(*.mdb)};Dbq=pa th-to-my-db.mdb;"
%>
<%
set ac = CreateObject("A DODB.Connection ")
set ar = CreateObject("A DODB.Recordset" )
ac.Open sDSN '"DSN=my-db","myuser","m ypass"
sSQL = "SELECT URL FROM mytable WHERE CD=" & Request.Form("C D")
set ar = ac.Execute(sSQL )
if NOT ar.EOF then
URL = ar("URL")
Response.Redire ct url
else
' new customer or bad ID
End If
%>
Jul 19 '05 #1
3 1842
Endora wrote on 12 aug 2004 in microsoft.publi c.inetserver.as p.general:
Any assistance would be very much appreciated. Thanks!

<%
sDSN = "Driver={Micros oft Access Driver
(*.mdb)};Dbq=pa th-to-my-db.mdb;"
%>
<%
set ac = CreateObject("A DODB.Connection ")
set ar = CreateObject("A DODB.Recordset" )
ac.Open sDSN '"DSN=my-db","myuser","m ypass"
sSQL = "SELECT URL FROM mytable WHERE CD=" & Request.Form("C D")
set ar = ac.Execute(sSQL )
if NOT ar.EOF then
URL = ar("URL")
Response.Redire ct url
else
' new customer or bad ID
End If
%>


Do use the Jet engine driver.
You do not use and need a recordset here.
The permissions for the database path must be OK.

<%
set CONNECT = server.CreateOb ject("ADODB.Con nection")
CONNECT.Open "PROVIDER=Micro soft.Jet.OLEDB. 4.0;DATA SOURCE="_
& Server.MapPath( "/db/your.mdb") & ";"

sSQL = "SELECT URL FROM mytable WHERE CD=" & Request.Form("C D")
set dat=CONNECT.Exe cute(sSQL)
if not dat.eof then Response.Redire ct dat("URL")

response.write "Something is very wrong here"
%>

The above using of Request.Form("C D") directly in an SQL string is
dangeroes, because a hacker can get entry in your database by injection.
Validate the result first as an integer number!

If there is more than one record with the same CD, only one is used.

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Jul 19 '05 #2
This worked beautifully, thank you, Evertjan!

One note: "CD number" is a bit of a misnomer. My fault, I didn't
explain properly. It should probably just be called "CD Value", but
the misleading name is beyond my control...

At any rate, in the DB it is not an integer, so I actually ended up
with:

sSQL = "SELECT URL FROM mytable WHERE CD='" &
Request.QuerySt ring("CD") & "'"

Again, much appreciated. It is up and running.
Jul 19 '05 #3
Endora wrote on 13 aug 2004 in microsoft.publi c.inetserver.as p.general:
sSQL = "SELECT URL FROM mytable WHERE CD='" &
Request.QuerySt ring("CD") & "'"


It is very dangerous to put a clientside string like
Request.QuerySt ring("CD")
directly in the SQL.

Hackers can easily construct a string for http://mysite,com/db.asp?CD=...
that alters or deletes part of your database!

So again always validate the querystring first.

See: What is SQL Injection?
<http://www.4guysfromro lla.com/webtech/061902-1.shtml> and more

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Jul 19 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
10
9381
can't get header() to redirect
by: Bob Garbados | last post by:
forgive my ignorance, as I'm new to php coming from a ms background... If I create a page named redirect.php and it's only content is: <?php header("Location: http://www.google.com"); ?> Should it not redirect to www.google.com? I can't get the header() function to redirect. I'm trying to take an online reservation... the customer fills out
PHP
7
15925
redirect to URL passed as variable in php
by: Donna Hawkins | last post by:
I want to use javascript to redirect to a URL which has been passed as a variable (in php). I have searched but cannot find any solution. I think this code is a basic redirect: <script type="text/javascript"> window.location = "http://www.someserver.com/somePage.html"; </script>
Javascript
0
1795
Question about Remote assistance
by: Jawahar | last post by:
All I had posted this in the remote assistance group and could not get any replies so I thought that I could try in the developer group Thanks One of the issues we face when helping our remote workers is that they are (9 out of 10 times) behind a router. So when they initiate a Remote assistance call they always do so via email and then our Help desk folk manually alter the file using notepad withe correct IP address and also default...
.NET Framework
6
6941
How to know if a redirect has been done?
by: Peter Row | last post by:
Hi, I am writing a DLL in VB.NET that implements IHttpHandler.ProcessRequest. This code calls a sub and I need to know if that sub did a response redirect or not. Specifically I need to know that either the sub did a redirect or a specific value was specified in the URL. If neither a redirect was done and a certain value was
ASP.NET
4
1912
PHP assistance.
by: Sugartonic | last post by:
I have been reading for about three days now on how to use a drop down menu with options to write to my database but still haven't been successful, Basically I made a drop down menu for age. made a option for 16 all the way to 50. If's just its not writing at all. Im still very new to php so mainly all my work is based off tutorials, so heres what i have so far. this is basically the form that a user can use to update his/her info. just...
PHP
5
4573
Breakpoints after Response.Redirect in ASP.NET 2.0
by: venner | last post by:
I'm having an issue with an ASP.NET website after upgrading to ASP.NET 2.0. The website makes use of a central authentication service (CAS) provided at the university I work for. Each page checks a session variable, and if it is not present, does a Response.Redirect to a webpage for the CAS passing a url parameter for the url to post back to. The CAS provides a page for the user to log into, validates the username and password, and then...
ASP.NET
10
9023
How to 301 redirect default.aspx to root
by: Eirik Eldorsen | last post by:
How can I 301 redirect www.example.com/default.aspx to www.example.com without using ISAPI filters?
ASP.NET
1
1738
Formmail.pl assistance
by: cottcody | last post by:
Hello. I'm attempting to write a form for a web page which is using the formmail.pl script. The form works fine and all but it its the script in which i am having troubles. What I would like it to do is to relay a confirmation e-mail with the data to the sender, but also send an identical mail to a specified admin address for collecting the data. The form current sends data to just the admin address. The other issue which I am encountering is...
Perl
3
2260
remote assistance.
by: gaurav92K | last post by:
sir i am working in a company . there are many pc. i want to use remote assistance. i configure all group policy which are related remote assistance.and i enable service through remote in system property.every services related remote desktop & remote assistance are start . but i can not use help assistance through another system while i try help assistance in my pc then help assistance begin start. what is problem please give the best answer on...
Microsoft Windows
0
9515
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10207
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
10154
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
9993
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
1
7537
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6776
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
1
4109
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3713
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2913
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us