Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP 3 Classic ASP Active Server Pages 3.0 > Classic ASP Basics
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old August 23rd, 2007, 12:20 AM
Authorized User
 
Join Date: Aug 2007
Location: Pune, Maharshtra, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default Asp and Sql project.I need Help.

Well..let me first tell you all what my project is.I am building an application in which I need to maintain an online database that wud contain information of all companies in the country.The application will have simple basic four operations-Add information,modify Information,Delete Information and View Information.Though I am done with the interfaces and every database operation but the problem now is that if a company with company-id say 1 enters the database..then it can add,view,delete and modify the information related to the company say company-id 2...And m not able to keep a check if the company entered with company-id 1 enters its company-id before performing any further operation. How can I do this? Can any one tell me?? Its urgent.
Reply With Quote
  #2 (permalink)  
Old August 23rd, 2007, 05:47 AM
Authorized User
Points: 129, Level: 2
Points: 129, Level: 2 Points: 129, Level: 2 Points: 129, Level: 2
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jul 2007
Location: Gurgaon, Haryana, India.
Posts: 35
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via Yahoo to vksingh24
Default

when company 1 gets login into your system, store its ID=1 into a session variable, and before any database operation check out with the ID it is associated with.


__________________
Vikash Kumar Singh
Reply With Quote
  #3 (permalink)  
Old August 23rd, 2007, 06:04 AM
Authorized User
 
Join Date: Aug 2007
Location: Pune, Maharshtra, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanx vikas...but m tryin to do same...I am collecting the company-id from main page in a variable named str and then m again askin for the company-id when user tries to perform an operation...n then I check if both the ids are same....but the "if" condition is doin nothin on my code :(
Reply With Quote
  #4 (permalink)  
Old August 23rd, 2007, 05:49 PM
Friend of Wrox
Points: 6,664, Level: 34
Points: 6,664, Level: 34 Points: 6,664, Level: 34 Points: 6,664, Level: 34
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2004
Location: Sydney, NSW, Australia.
Posts: 1,870
Thanks: 12
Thanked 20 Times in 20 Posts
Send a message via AIM to mat41
Default

Why dont you build a permission controlled environment like a login? I know if I was one of your users it would make me feel better.

Wind is your friend
Matt
Reply With Quote
  #5 (permalink)  
Old August 23rd, 2007, 10:48 PM
Authorized User
 
Join Date: Aug 2007
Location: Pune, Maharshtra, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

ya,thats watm doin...Each company has to enter it's company-id before entering into the website...but then the problem is..once a company makes entry then it can access data of other companies also...wat shud I do to prevent a company from using other companies data? N like Vikas suggested I shud use session variable's concept then how to do that..m not much proficient in asp...n thus never used such concepts.. :(
Reply With Quote
  #6 (permalink)  
Old August 23rd, 2007, 11:00 PM
Friend of Wrox
Points: 6,664, Level: 34
Points: 6,664, Level: 34 Points: 6,664, Level: 34 Points: 6,664, Level: 34
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2004
Location: Sydney, NSW, Australia.
Posts: 1,870
Thanks: 12
Thanked 20 Times in 20 Posts
Send a message via AIM to mat41
Default

One way to do it - When a company logs in you assign thier UNIQUE id to the session variable. EG:

session("id") = somevariable

Now for security place this on the head of all pages where a non logged in user should not be able to access:

if session("id") = "" then
   response.redirect("login.asp?login=failed")
end if

WHY: They may know your page name an type it directly into the browser address area

NOTE: login.asp could cotain a condition like:

if trim(request.querystring("login")) = "failed" then
   response.write "You must login to access this page"
end if

So now all pages where you wish to show comapny info write conditional SQL Satements. EG on your show company infomation page

sql = "SELECT * from companyInfo WHERE id=" & session("id") & ";"

This will show them the company information relating to thier comapny only, are you following me?



Wind is your friend
Matt
Reply With Quote
  #7 (permalink)  
Old August 23rd, 2007, 11:46 PM
Authorized User
 
Join Date: Aug 2007
Location: Pune, Maharshtra, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

well...thanx again MAT :) I just did this too..the way u told me..but of no use...when I enter company-id and press submit..it is gettin redirected to login.asp.in both the cases whether u supply company-id or not..it is gettin redirected to login.asp :(

If theres no problem Mat...can I have your yahoomail id? Its just to tell you wat my project code is..n it seems ur too gud in ASP...may be u wud be able to save my job by helpin me out...Only if theres no prob then let me know..else Shud I post the pages here?
Reply With Quote
  #8 (permalink)  
Old August 24th, 2007, 12:02 AM
Friend of Wrox
Points: 6,664, Level: 34
Points: 6,664, Level: 34 Points: 6,664, Level: 34 Points: 6,664, Level: 34
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jan 2004
Location: Sydney, NSW, Australia.
Posts: 1,870
Thanks: 12
Thanked 20 Times in 20 Posts
Send a message via AIM to mat41
Default

mmmmmm. this is really a cross post with:

http://p2p.wrox.com/topic.asp?TOPIC_ID=64313

;;;when I enter company-id and press submit..it is gettin redirected to login.asp
You need to assign a value to the session variable or its always gong to be = ""

Problems and solutions should remain in the forum. This way others benefit. I come here for help myself and help other when I can, and have time. Posting pages here wont get youi much help, posting specific problems which you have done your best to solve yourself will work around here.

Listen carefully:
1..ask for user details
2..post to the same page
3..based on user input ask the DB is there a record:
   a..IF SO assign the ID to a session variable and redirect the user to where ever
   b..IF NOT promt them 'sorry no details found, try again

do not place:

if session("id") = "" then
   response.redirect("login.asp?login=failed")
end if

on the login page, or any other page which you send the user to before you have carried out steps 1, 2, 3 and or 3b

Hope that helps

Wind is your friend
Matt
Reply With Quote
  #9 (permalink)  
Old August 24th, 2007, 12:13 AM
Authorized User
 
Join Date: Aug 2007
Location: Pune, Maharshtra, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks again MAT...well...let me tell you what am I doin on my first page...

this is from where am I taking information from the user...

<form action="modify.asp" method=post>
    <div align="center">
      <center>
    <table border="2" cellpadding="0" cellspacing="0"
 style="border-collapse: collapse; text-align:center" width="40%"
 bgcolor="#E1E1E1"
 height="104">
      <tr>
        <td width="100%" colspan="2" bgcolor="#3163A0" height="22">
        <p align="center">


        Member Login</td>
      </tr>
      <tr>
        <td width="47%" style="text-align: left" height="20">

        &nbsp;Company-ID:</td>
        <td width="53%" style="text-align: left" height="20">
              &nbsp;<input type="text" name="cid" size="11" style="border-style: solid; border-width:1"></td>
      </tr>

      <tr>
        <td width="100%" colspan="2" height="26">
        <p align="center">
                <input type="submit" value="Sign-In"
 name="signin"></td>
      </tr>
      <tr>
        <td width="100%" colspan="2" height="12">
        <p align="right">
        &nbsp;</td>
      </tr>
    </table>
    <table border="0" cellpadding="0" cellspacing="0"
 style="border-collapse: collapse" bordercolor="#111111" width="100%"
 id="AutoNumber5">
      <tr>
        <td width="100%">&nbsp;</td>
      </tr>
      <tr>
        <td width="100%">&nbsp;</td>
      </tr>


      <tr>
        <td width="100%">&nbsp;</td>
      </tr>
      <tr>
        <td width="100%">&nbsp;</td>
      </tr>
      <tr>
        <td width="100%">&nbsp;</td>
      </tr>
      <tr>
        <td width="100%">&nbsp;</td>
      </tr>
    </table>
      </center>
    </div>
    </form>


and in last lines m tryin to get the company-id entered in my session variable named "id"..this way-
  </center>
</div>
<% session("id")=request("cid")%>
</body>

</html>
Reply With Quote
  #10 (permalink)  
Old August 24th, 2007, 12:16 AM
Authorized User
 
Join Date: Aug 2007
Location: Pune, Maharshtra, India.
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Then my second page on which it wud be checked if user has entered correct information is like-


<%@Language=VBScript%>
<%Option Explicit
'If (session("id")="") Then
    'response.redirect("login.asp?login=failed")

'Else %>
<html>
        <body>


        <%

        'DECLARE VARIALBLES AND ESTABLISH DATABASE CONNECTION
        Dim objConn,objRs,found,str
        set objConn=Server.createObject("ADODB.Connection")
        objConn.ConnectionString="Provider=SQLOLEDB; Data Source =(local); Initial Catalog = company_information;"&_
                                "User Id = sa; Password=sa"

        objConn.open
        str=request.form("cid")

        'IF USER HAS LEFT COMPANY-ID FIELD EMPTY
        If (request.form("cid")="") Then
                objConn.close
                Set objconn=nothing
                response.write "<center>"
                response.write "<a href='start_company_db_page.asp'>"
                response.write "You Can Not Leave Company-Id Field Empty."
                response.write "</a>"
                response.write "</center>"
                response.End
            End If

        'ELSE CHECK IF THE COMPANY-ID EXISTS
        set objRs=server.createObject("ADODB.Recordset")
        objRs.open "MASTER",objConn, 3 , 2
        found=False

        'TRAVERSE THROUGH DATABASE ELEMENTS TO MATCH THE ID
        Do While Not (objRs.eof Or found)
            If(StrComp(objRs("CompanyId"), str,vbTextCompare)=0) Then
                found=True %>
                <form action="modify1.asp" method=post>
                <input type=hidden name="cid" value="<%=str%>">
                <center> I want to <br><br><br>
                    <input type="submit" name="modify" value="Add Information" /><br><br>
                    <input type="submit" name="modify" value="Modify Information" /><br><br>
                    <input type="submit" name="modify" value="Delete Information" /><br><br>
                    <input type="submit" name="modify" value="View Information" />


                </center>

                </form>


        <% Else
                objRs.MoveNext
                End If
           Loop

            'IF THE COMPANY-ID IS NOT FOUND THEN INFORM THE USER
            If Not found Then
                objRs.close
                set objRs=Nothing
                objConn.close
                set objConn=Nothing
                response.write "<center>"
                response.write "<A HREF='start_company_db_page.asp'>"
                response.write "Invalid Company-Id.Please Enter Again.<P>"
                response.write "</A>"
                response.write "</center>"
                response.End

            end if

            objRs.close
            Set objRs=nothing
            objConn.close
            Set objConn=nothing
            'End if%>



       </body>
    </html>
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Connections in a Sql Server project mlw C# 2 September 15th, 2008 09:32 AM
Error in Migrating Project from ASP to ASP.NET hbansal ASP.NET 1.0 and 1.1 Professional 0 September 12th, 2008 05:48 AM
Add asp.net page to asp project debdemoe Classic ASP Basics 0 August 17th, 2005 12:28 PM
ms Project,vb,sql m_ctrl VB How-To 0 June 28th, 2003 10:36 AM
ms project,sql,vb m_ctrl Pro VB 6 0 June 28th, 2003 10:28 AM



All times are GMT -4. The time now is 06:23 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.