Wayne Barron
asked on
ASP, Access Database and a Image Carousel
OK.
I am using the script from: http://billwscott.com/carousel/
I have implemented the use of a Database.
Works GREAT! When all images are being feed into the page.
BUT, when you use a Query against the results, it breaks when the image does not
Start at #1.
I have seen this happen in other scripts that I have worked with, and never found a
Reason, or how to corrent it.
Anyway.
Better to show then to try to explain the unexplainable.
1st link, display it's images related to the Query ID=1
http://ee.cffcs.com/Q_24443708/carousel.asp?id=1
2, 3 & 4 Do Not display their images, but if you view the source
You can see that the images are infact there, it is just not displaying.
http://ee.cffcs.com/Q_24443708/carousel.asp?id=2
http://ee.cffcs.com/Q_24443708/carousel.asp?id=3
http://ee.cffcs.com/Q_24443708/carousel.asp?id=4
Any idea's on correcting this issue?
Thanks All
Carrzkiss
I am using the script from: http://billwscott.com/carousel/
I have implemented the use of a Database.
Works GREAT! When all images are being feed into the page.
BUT, when you use a Query against the results, it breaks when the image does not
Start at #1.
I have seen this happen in other scripts that I have worked with, and never found a
Reason, or how to corrent it.
Anyway.
Better to show then to try to explain the unexplainable.
1st link, display it's images related to the Query ID=1
http://ee.cffcs.com/Q_24443708/carousel.asp?id=1
2, 3 & 4 Do Not display their images, but if you view the source
You can see that the images are infact there, it is just not displaying.
http://ee.cffcs.com/Q_24443708/carousel.asp?id=2
http://ee.cffcs.com/Q_24443708/carousel.asp?id=3
http://ee.cffcs.com/Q_24443708/carousel.asp?id=4
Any idea's on correcting this issue?
Thanks All
Carrzkiss
ASKER
I figured I forgot to add in the code
http://ee.cffcs.com/Q_24443708/Q_24443708.zip
I think that I have figured out how to do it. (This may not be the best way in the world to do it but it works.)
OK.
Change the first ID # to something other then [1]
Now, have this
<li id="mycarousel-item-1"></l i>
Above the lines of code, so that it does not show up, and wa-la.
All pages work like a charm.
Thanks Harrison for the heads up.
If you can find a better way of doing it, by all means let me know
If you want to test out my theory
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=1
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=2
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=3
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=4
Code for both pages are in here
http://ee.cffcs.com/Q_24443708/Q_24443708.zip
I am going to go on ahead and build upon this latest development
Unless you let me know otherwise.
Have a good one.
Carrzkiss
http://ee.cffcs.com/Q_24443708/Q_24443708.zip
I think that I have figured out how to do it. (This may not be the best way in the world to do it but it works.)
OK.
Change the first ID # to something other then [1]
Now, have this
<li id="mycarousel-item-1"></l
Above the lines of code, so that it does not show up, and wa-la.
All pages work like a charm.
Thanks Harrison for the heads up.
If you can find a better way of doing it, by all means let me know
If you want to test out my theory
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=1
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=2
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=3
http://ee.cffcs.com/Q_24443708/carousel_1.asp?id=4
Code for both pages are in here
http://ee.cffcs.com/Q_24443708/Q_24443708.zip
I am going to go on ahead and build upon this latest development
Unless you let me know otherwise.
Have a good one.
Carrzkiss
That sound like a good solution. I would probably have made the code generate the:
<li id="mycarousel-item-1">
in order so that they look like...
<li id="mycarousel-item-1">... .......... ..
<li id="mycarousel-item-2">... .......... ..
<li id="mycarousel-item-3">... .......... ..
but the rest of the li ids don't matter so your implementation is fine. Incidentally, I can't access the zip files - 404 page not found error.
<li id="mycarousel-item-1">
in order so that they look like...
<li id="mycarousel-item-1">...
<li id="mycarousel-item-2">...
<li id="mycarousel-item-3">...
but the rest of the li ids don't matter so your implementation is fine. Incidentally, I can't access the zip files - 404 page not found error.
ASKER
It was named wrong, I always name the zip files to the name of the EE Q_#
And I did not do it to this one.
Here it is, working like it is suppose to work
http://ee.cffcs.com/Q_24443708/Q_24443708.zip
Sorry for all the aggrivation trying to get this code.
Carrzkiss
And I did not do it to this one.
Here it is, working like it is suppose to work
http://ee.cffcs.com/Q_24443708/Q_24443708.zip
Sorry for all the aggrivation trying to get this code.
Carrzkiss
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No problem. I knocked up a quick article covering the basics - I will probably add to it later.
http://www.associactionenterprises.com/EE/SQLInjection/
As you use ACCESS, to prevent the SQL injectioin you can simply replace any apostrophe in user inputs with 2 apostrophes (not quotation marks but 2 actual apostrophes). e.g
Str=replace(request("str", "'", "''") and to prevent sql on numeric just use
and to prevent injection on numeric fields....
supposednumber=request("su pposednumb er")
if isNumeric(supposednumber)= false then supposednumber=0
http://www.associactionenterprises.com/EE/SQLInjection/
As you use ACCESS, to prevent the SQL injectioin you can simply replace any apostrophe in user inputs with 2 apostrophes (not quotation marks but 2 actual apostrophes). e.g
Str=replace(request("str",
and to prevent injection on numeric fields....
supposednumber=request("su
if isNumeric(supposednumber)=
ASKER
great article.
It seems that Access and JET are pretty secure within itself against the SQL Injections.
What about SQL Server?
SQL Server is going to be a HUGE part of the site that I am going now, once the money
Free's up and I can aford to cross over "In-House" (Do not want to share with the data I have)
I will keep your link in my favorites, so that I can keep up to date with new developments as they become available from you.
Thanks for again for your help.
You Rock.
Carrzkiss
It seems that Access and JET are pretty secure within itself against the SQL Injections.
What about SQL Server?
SQL Server is going to be a HUGE part of the site that I am going now, once the money
Free's up and I can aford to cross over "In-House" (Do not want to share with the data I have)
I will keep your link in my favorites, so that I can keep up to date with new developments as they become available from you.
Thanks for again for your help.
You Rock.
Carrzkiss
SQL Server does not provide the protection that JET and access does, with SQL server you can append commands - so you can actually add run several SQL statements one after the other using SQL injection - including the more serious and damaging ones like DROP TABLE. So make sure you protect against SQL injection if you migrate to SQL Server.
ASKER
Thanks R_
It is going to be (Depending on Members who sign up on the new site)
Right now, I am using several Access Databases so that they do not get full too quickly.
As they have a 2GB capacity.
Once I hit about 100,000 members, then I am going to have to move over to SQL Server.
So, at that time before the migration, I will be running full test.
To make sure that everything runs accordingly and secure.
The site is also going to be running on a SSL once I go to SQL Server, which I doubt does anything
To hinder to the SQL Injections.
I will be posting several questions once that time comes.
I am hoping before Christmas. But, due to the economy, I am not really sure when..?
Thanks again for your awesome incite.
Have a great weekend.
Carrzkiss
It is going to be (Depending on Members who sign up on the new site)
Right now, I am using several Access Databases so that they do not get full too quickly.
As they have a 2GB capacity.
Once I hit about 100,000 members, then I am going to have to move over to SQL Server.
So, at that time before the migration, I will be running full test.
To make sure that everything runs accordingly and secure.
The site is also going to be running on a SSL once I go to SQL Server, which I doubt does anything
To hinder to the SQL Injections.
I will be posting several questions once that time comes.
I am hoping before Christmas. But, due to the economy, I am not really sure when..?
Thanks again for your awesome incite.
Have a great weekend.
Carrzkiss
When you pull from the database with querystring=2 the id of the first <LI> is "mycarousel-item-5" so the script cannot find the begining of the list.