|
 |
asp_databases thread: Stored Procedure Problem
Message #1 by Atoo <Atoo@m...> on Wed, 18 Apr 2001 12:37:08 -0400
|
|
I have a logon form (EmpLogon.asp) for employees to type in an id to access
their accounts. I have included an access query in the Form Action. The
problem is when the employee types in the correct ID it will bring up all
the records instead of bringing up only that employee's record. Also when
another employee opens up EmpLogon form and types the first letter (say a P)
a dropdown list comes up with the previous IDs that have been typed in, it
looks like the system keeps all the IDs that are typed in memory, meaning an
employee can come in and select from the automatically generated drop down
list to select an ID and view another employee's account. How do I stop
that?
Following is part of the code.
<%
Dim varEmpID
varEmpID= Request.Form("EmpID")
'Response.Write varEmpID 'for testing and it worked, it wrote the id
that was typed on the logon form
Dim objConn
Dim oRSEmp
Dim sSQL
Set objConn = Server.CreateObject("ADODB.Connection")
Set oRSEmp=Server.CreateObject("ADODB.Recordset")
objConn.Open "DSN=Accounts"
sSQL="qryGetAllAccounts " (This is an access query)
sSQL=sSQL& " WHERE AccountOwnerID='" & varEmpID & "';"
oRSFac.Open sSQL, objConn
%>
Name: <%=oRSFac("Name")%>
<%Response.End '(for testing)%> When i tested it here, i got the name of
the first employee in the query, instead of the person that logged in.
The entire code is supposed to bring up only the requested information on
the person who logged in but it brings up the information on all employees.
Any help??
Thanks in advance.
Message #2 by "Thor Burfine" <tburfine@k...> on Wed, 18 Apr 2001 22:25:28
|
|
Fist thing I see is is with the query.
If the var "varEmpID" is a long eg Auto Number drop the quotes
Second thing you might try.
strSQL = "SELECT * FROM qryGetAllAccounts WHERE AccountOwnerID='" &
varEmpID & "'" (you dont need the ";")
Third thing to try
SET oRSFac=objConn.execute (strSQL)
As for the list showing up for the user ID's thats an IE thing (Auto
Complete) to get rid of it set the page to expire in say 1 min then it
will not do that but the user only gets 1 min to eter the info then the
page expires
> I have a logon form (EmpLogon.asp) for employees to type in an id to
access
> their accounts. I have included an access query in the Form Action. The
> problem is when the employee types in the correct ID it will bring up all
> the records instead of bringing up only that employee's record. Also
when
> another employee opens up EmpLogon form and types the first letter (say
a P)
> a dropdown list comes up with the previous IDs that have been typed in,
it
> looks like the system keeps all the IDs that are typed in memory,
meaning an
> employee can come in and select from the automatically generated drop
down
> list to select an ID and view another employee's account. How do I stop
> that?
>
> Following is part of the code.
>
> <%
> Dim varEmpID
> varEmpID= Request.Form("EmpID")
> 'Response.Write varEmpID 'for testing and it worked, it wrote the id
> that was typed on the logon form
>
> Dim objConn
> Dim oRSEmp
> Dim sSQL
>
> Set objConn = Server.CreateObject("ADODB.Connection")
> Set oRSEmp=Server.CreateObject("ADODB.Recordset")
> objConn.Open "DSN=Accounts"
> sSQL="qryGetAllAccounts " (This is an access query)
> sSQL=sSQL& " WHERE AccountOwnerID='" & varEmpID & "';"
> oRSFac.Open sSQL, objConn
> %>
>
> Name: <%=oRSFac("Name")%>
> <%Response.End '(for testing)%> When i tested it here, i got the name
of
> the first employee in the query, instead of the person that logged in.
>
> The entire code is supposed to bring up only the requested information on
> the person who logged in but it brings up the information on all
employees.
> Any help??
>
> Thanks in advance.
|
|
|
View Cart
