Solved

How Do I Hide an ADO Database Connection String from the Client?

Posted on 2006-07-11
4
260 Views
Last Modified: 2008-03-17
Hello,

I have inherited webmaster duties  and am trying to make a page that allows users to select search criteria from a series of dropdowns on a web page and then click a "submit" button to retrieve a list of matching documents.  The code behind the "submit" button builds a query against our SQL Server database and returns the results in an HTML table.  The "old" page hid the database connection string by putting it in an ASP include file.  Since that code ran on the server, it isn't available to my JavaScript routines.  My company requires that the connect string be hidden.  I'm very limited in the tools I can use to do this job so I don't have the flexibility to just pitch evrything and use the ideal language/database.  In addition, everything is "done" except for hiding the string and the deadline is pretty close so there isn't time for massive re-development.  Most of the solutions I've seen on various web sites are of the "you should have used X" variety and these are not at all helpful.  So, does some JavaScript guru know how to do this?

Thanks!
0
Comment
Question by:gandalf97
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 2

Expert Comment

by:almes
ID: 17081857
I'm sorry but I don't understand how the connection string to the database appears in your javascript code. You don't connect from the client to the database directly, aren't you?? You have to do this on the server side!! If so, the clients won't see it.

Please paste your code to clear this out...
0
 
LVL 9

Accepted Solution

by:
jmanGJHS97 earned 500 total points
ID: 17082902
So, you are building a SQL string on the client side and the getting data from the database?  Is that correct?

You can get the data using AJAX.  Here's an example.

var http_request = false;
var contentDetailList = new Array();
var arrResults = new Array();
var url = '';

function makeDBRequest(strArg1, strArg2)
{
  http_request = null;
  http_request = false;
  if (window.XMLHttpRequest) // Mozilla, Safari,...
  {
    http_request = new XMLHttpRequest();
    if (http_request.overrideMimeType)
    {
      http_request.overrideMimeType('text/xml');
      // See note below about this line
    }
  }
  else if(window.ActiveXObject) // IE
  {
    try
    {
      http_request = new ActiveXObject("Msxml2.XMLHTTP");
    }
    catch (e)
    {
      try
      {
        http_request = new ActiveXObject("Microsoft.XMLHTTP");
      }
      catch (e)
      {
      }
    }
  }

  if (!http_request)
  {
    alert('Giving up ... Cannot create an XMLHTTP instance');
    return false;
  }

  url = 'GetDataFromDB.asp?arg1=' + strArg1 + '&arg2=' + strArg2;
 
  http_request.onreadystatechange = alertResults;
  http_request.open('GET', url, true);
  http_request.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT");
  http_request.send(null);
}

function alertBalanceTransactions()
{
  if (http_request.readyState == 4)
  {
    if (http_request.status == 200)
    {
      buildHTMLForm(http_request.responseText);
    }
    else
    {
      document.getElementById('TempSpan').innerHTML = "There was a problem with the request.";
    }
  }
}

function buildHTMLForm(strData)
{
  var arrData = '';
  var arrRow = '';
 
  if (strData.length > 0)
  {
    arrData = strData.split('~');
       
    for (var i = 0; i < arrData.length; i++)
    {
      arrRow = arrData[i].split('|');
    }
  }
}

Basically, you would need to modify the makeDBRequest function to pass in the values you need in order to build your query.  Then, you append those to the url in the form of a querystring.  Then, your ASP page can request them out of the querystring and do what it does.  Once you get the data out of the database, built it into a "~" and "|" delimited string.  I use "|" to separate elements in a single row and "~" to separate rows from each other.  Then, once your data is built into a string, you just response.write the string from the ASP page, and the AJAX will catch the response, which you can split into an array and go nuts with the data.  So, you basically call makeDBRequest from your onClick of your button, or however else you want to fire the db query.

jmanGJHS97
0
 
LVL 2

Author Comment

by:gandalf97
ID: 17423027
Hello...

I'm sorry this took me so long to get back to this question.  Now that I am learning AJAX, I can see that this would be a much neater solution than the one I implemented.  Thanks for the answer.

Gandalf
0
 
LVL 9

Expert Comment

by:jmanGJHS97
ID: 17431002
No problem.  Glad you got it working.

jmanGJHS97
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we'll look how to sort an Array in JavaScript, including the more advanced techniques of sorting a collection of records either ascending or descending on two or more fields. Basic Sorting of Arrays First, let's look at the …
The task A number given should be formatted for easy reading by separating digits into triads. Format must be made inline via JavaScript, i.e., frameworks / functions are not welcome. So let’s take a number like this “12345678.91¿ and format i…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question