ea********@gmail.com wrote:
Ray Costanzo [MVP] wrote:
>There's nothing here that would cause a loop. What makes you think
something's looping?
Ray at work
<ea********@gmail.comwrote in message
news:vN********************@eclipse.net.uk...
>>Hi,
Im pretty new to asp so all light on this question would be great.
Basically i need to test to see what value is set (where to
retrieve the data from) so ive done it like this:
If Request.Querystring("id") = "" then
TidF=Request.Form("TidF")
Else
TidF=Request.Querystring("id")
End If
The data Request.Form("TidF") comes from a form if submit is
pressed. The data Request.Querystring("id") comes from the url being
.asp?id=number However it seems to keep looping round even though i have
ended the
if statement and set the var.
all help would be great thanks.
At a certain point the code seems to loop round the whole script and
dosent halt ever since ive added in them lines.
Here is my code:
http://rafb.net/paste/results/qXOfJn50.html
Well obviously we cannot test your code to see the symptoms that lead you to
believe that you have an infinite loop, so you're going to have to help us
out. Start by showing us the source of the page that results from running
this code. Put in some response.writes of your variable values at various
places so we can see what is happening.
Having said that, your coding practices could use some work (yes, I know you
are new to this ... this is not destructive criticicsm: it's intended as
constructive). These do not have anything to do with your problem (I think),
but you should address them:
1. Your connection string -
http://www.aspfaq.com/show.asp?id=2126
2. Selstar -
http://www.aspfaq.com/show.asp?id=2096
3.Costly recordset loop -
http://www.aspfaq.com/show.asp?id=2467
4. Major:problem:
Your use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/...e36562fee7804e
Personally, I prefer using stored procedures, or saved parameter queries as
they are known in Access:
http://www.google.com/groups?hl=en&l...TNGP12.phx.gbl http://groups.google.com/groups?hl=e...tngp13.phx.gbl
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"