Solved

How Do I Hide an ADO Database Connection String from the Client?

Posted on 2006-07-11
4
239 Views
Last Modified: 2008-03-17
Hello,

I have inherited webmaster duties  and am trying to make a page that allows users to select search criteria from a series of dropdowns on a web page and then click a "submit" button to retrieve a list of matching documents.  The code behind the "submit" button builds a query against our SQL Server database and returns the results in an HTML table.  The "old" page hid the database connection string by putting it in an ASP include file.  Since that code ran on the server, it isn't available to my JavaScript routines.  My company requires that the connect string be hidden.  I'm very limited in the tools I can use to do this job so I don't have the flexibility to just pitch evrything and use the ideal language/database.  In addition, everything is "done" except for hiding the string and the deadline is pretty close so there isn't time for massive re-development.  Most of the solutions I've seen on various web sites are of the "you should have used X" variety and these are not at all helpful.  So, does some JavaScript guru know how to do this?

Thanks!
0
Comment
Question by:gandalf97
  • 2
4 Comments
 
LVL 2

Expert Comment

by:almes
ID: 17081857
I'm sorry but I don't understand how the connection string to the database appears in your javascript code. You don't connect from the client to the database directly, aren't you?? You have to do this on the server side!! If so, the clients won't see it.

Please paste your code to clear this out...
0
 
LVL 9

Accepted Solution

by:
jmanGJHS97 earned 500 total points
ID: 17082902
So, you are building a SQL string on the client side and the getting data from the database?  Is that correct?

You can get the data using AJAX.  Here's an example.

var http_request = false;
var contentDetailList = new Array();
var arrResults = new Array();
var url = '';

function makeDBRequest(strArg1, strArg2)
{
  http_request = null;
  http_request = false;
  if (window.XMLHttpRequest) // Mozilla, Safari,...
  {
    http_request = new XMLHttpRequest();
    if (http_request.overrideMimeType)
    {
      http_request.overrideMimeType('text/xml');
      // See note below about this line
    }
  }
  else if(window.ActiveXObject) // IE
  {
    try
    {
      http_request = new ActiveXObject("Msxml2.XMLHTTP");
    }
    catch (e)
    {
      try
      {
        http_request = new ActiveXObject("Microsoft.XMLHTTP");
      }
      catch (e)
      {
      }
    }
  }

  if (!http_request)
  {
    alert('Giving up ... Cannot create an XMLHTTP instance');
    return false;
  }

  url = 'GetDataFromDB.asp?arg1=' + strArg1 + '&arg2=' + strArg2;
 
  http_request.onreadystatechange = alertResults;
  http_request.open('GET', url, true);
  http_request.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT");
  http_request.send(null);
}

function alertBalanceTransactions()
{
  if (http_request.readyState == 4)
  {
    if (http_request.status == 200)
    {
      buildHTMLForm(http_request.responseText);
    }
    else
    {
      document.getElementById('TempSpan').innerHTML = "There was a problem with the request.";
    }
  }
}

function buildHTMLForm(strData)
{
  var arrData = '';
  var arrRow = '';
 
  if (strData.length > 0)
  {
    arrData = strData.split('~');
       
    for (var i = 0; i < arrData.length; i++)
    {
      arrRow = arrData[i].split('|');
    }
  }
}

Basically, you would need to modify the makeDBRequest function to pass in the values you need in order to build your query.  Then, you append those to the url in the form of a querystring.  Then, your ASP page can request them out of the querystring and do what it does.  Once you get the data out of the database, built it into a "~" and "|" delimited string.  I use "|" to separate elements in a single row and "~" to separate rows from each other.  Then, once your data is built into a string, you just response.write the string from the ASP page, and the AJAX will catch the response, which you can split into an array and go nuts with the data.  So, you basically call makeDBRequest from your onClick of your button, or however else you want to fire the db query.

jmanGJHS97
0
 
LVL 2

Author Comment

by:gandalf97
ID: 17423027
Hello...

I'm sorry this took me so long to get back to this question.  Now that I am learning AJAX, I can see that this would be a much neater solution than the one I implemented.  Thanks for the answer.

Gandalf
0
 
LVL 9

Expert Comment

by:jmanGJHS97
ID: 17431002
No problem.  Glad you got it working.

jmanGJHS97
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
angular2 2 way binding on load 7 39
Enter key on html form page 11 48
How can I get this SlideToggle to behave? 6 18
using php variable inside javascript 5 14
Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now