Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 Development Tools
 ASP.NET
 JavaScript redirect allow querystring passing?

Author  Topic 

MarkGG
Yak Posting Veteran

53 Posts
Posted - 2005-07-12 : 13:59:09
Here is my page:

<html>

<%
ON ERROR RESUME NEXT
Dim con,sql,constring, rs
Set con = Server.CreateObject("ADODB.Connection")
%>


<!-- #include file="dbConnect.ssi" -->

<%
set objRS=Server.CreateObject("ADODB.recordset")
'I open my connection
con.Open dbConnect
%>  

<script language = "javascript">
function DeleteConfirm() {
var agree=confirm("Are you sure you wish to permenantly delete this entry and all of its contacts?");
if (agree)
	window.location=delete.asp?name=<%=objRS("sub_name")%>;
else
	return false;
}
</script>

</head>


<body bgcolor=#6699CC link="blue" vlink="blue" alink="blue">

<center><font size="4" color="black"><b>Details for <%=Request.QueryString("name")%></b></font></center>
<hr width = 50% size =4> 

<%
Dim sSubName
sSubName = Trim(Request.QueryString("name")) 
SQL = "Select * from People where SUB_NAME = '" & sSubName  & "'"
objRS.Open SQL, dbConnect
%>

<center>
<table border = "2" bgcolor="white">
	<th>Type</th><th>Employee #</th><th>Name</th><th>Title</th><th>Work Area</th><th>Active</th><tr>
        <td><input type="text" readonly size="6" name="Type" value="People"></td>
        <td><input type="text" readonly size="25" name="emp_num" value="<%=objRS("emp_num")%>"</td>
	<td><input type="text" readonly size="30" name="sub_name" value="<%=objRS("sub_name")%>"></td>  
	<td><input type="text" readonly size="39" name="title" value="<%=objRS("title")%>"></td>  
	<td><input type="text" readonly size="15" name="work_area" value="<%=objRS("work_area")%>"></td>
	<td><input type="text" readonly size="20" name="active" value="<%=objRS("active")%>"></td>  
</table>

<br>

<table border = "2" bgcolor="white">
	<td><input type="button" name="Edit" value="Edit Profile" onClick="window.location='PeopleEdit.asp?idnum=<%=objRS("id_num")%>&name=<%=Trim(objRS("sub_name"))%>'"></td>
</table>

<br>

<table border = "2" bgcolor="white">
	<td><input type="button" name="Delete" value="Delete Profile" onClick=DeleteConfirm()></td>
</table>

<hr width = 50% size =4>
</center>

<%
  objRS.close
%>

<br>
<br>

<center>
<b>Known phone numbers:</b>
<hr width = 28% size =2>
</center>

<center>
<%
sSubName = Trim(Request.QueryString("name"))
SQL = "Select * from Phones_DB where SUB_NAME = '" & sSubName  & "' order by tel_type asc"
objRS.Open SQL, dbConnect
Do While Not objRS.EOF
%>

<table border = "2" bgcolor="white">
	<tr><td><b><input type="text" readonly name="" value="<%=objRS("tel_type")%>"</b></td><td><input type="text" readonly name="" value="<%=objRS("tel_num")%>"</td></tr>
</table>

<%
    objRS.movenext
    Loop
    objRS.close
%>

<br>

<%
sSubName = Trim(Request.QueryString("name")) 
SQL = "Select id_num, SUB_NAME from People where SUB_NAME = '" & sSubName  & "'"
objRS.Open SQL, dbConnect
%>

<table border = "2" bgcolor="white">
	<td><input type="button" name="Add Number" value="Add Number" onClick="window.location='AddNumber.asp?idnum=<%=objRS("id_num")%>&name=<%=Trim(objRS("sub_name"))%>'"></td>
	<td><input type="button" name="Edit Number" value="Edit Number"></td>
</table>

<br>
	
<table border = "2" bgcolor="white">
	<td><input type="button" name="Delete Number" value="Delete Number"></td>
</table>
<hr width = 28% size =2>
</center>

<%
    objRS.close
    con.Close
    set Con = nothing
%>   

<br>

<center>
<table border = "2" bgcolor="white">
	<td><input type="button" name="Back" value="Back" onClick="history.back()"></td>
</table>
</center>

 
</body>
</html>


I have the verifier so people don't accidentally click on delete profile, however it doesn't send the data to for the query string. If I manually enter the URL as "\\Delete.asp?name=John%Doe" I get al of the forms on the delete page fill out properly, if I go to it by clicking "delete Profile" they are all blank.

Here is delete.asp

<html>
<head>

<%
Dim con,sql,constring, rs
Set con = Server.CreateObject("ADODB.Connection")
%>


<!-- #include file="dbConnect.ssi" -->

<%
set objRS=Server.CreateObject("ADODB.recordset")
'I open my connection
con.Open dbConnect
%>  

</head>


<body bgcolor=#6699CC link="blue" vlink="blue" alink="blue">

<%
Dim sSubName
sSubName = Trim(Request.QueryString("name")) 
'SQL = "delete * from main where name = '" & sSubName  & "'"
'objRS.Open SQL, dbConnect
%>

<input type="text" name="blah" size=20 value="<%=Request.QueryString("name")%>">

<center><font size="4" color="black"><b>Delete Completed</b></font></center>
<hr width = 50% size =4> 
<br>
<center>
You have deleted <%=sSubname%> from the system!
</center>

<%
  'objRS.close
  'con.close
  'Set con = Nothing
%>

<br>

</body>
</html>

jsmith8858
Dr. Cross Join

7423 Posts
Posted - 2005-07-12 : 14:26:40
>>ON ERROR RESUME NEXT

Not a good way to start your page off, my friend .... it is a *little* easier to debug and get things working properly if you handle errors (or write your code to avoid them).

Also, OPTION EXPLICIT ON is a great idea, too.

- Jeff
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site