bsowards
asked on
500 pts to the first person to Parameterize this ASP/MS SQL INSERT statement
First person to convert the below code into a working Parameterized Query wins. :P
Basically, I've been having the problem that if someone puts a single quote into any of the fields, it breaks the code. I've read that by using parameters, I won't have that problem anymore. I can include ADOvbs.inc myself, just get me the code that will work gentleman/ladies. Thanks so much.
-------------------------- ---
The Code
-------------------------- ---
'Open Database Connection
Set openConn = Server.CreateObject("ADODB .Connectio n")
openPath= "Driver={SQL Server};" & _
"Server=(local);" & _
"Database=KlineGroup;" & _
"Trusted_Connection=yes"
openConn.open openPath
openConn.close 'make sure old connections are cleaned out
openConn.open openPath
if request.form("formsubmit") = "true" Then
rp_title = request.Form("title")
rp_date_month = request.Form("releasedate_ month")
rp_date_day = request.Form("releasedate_ day")
rp_date_year = request.Form("releasedate_ year")
rp_date = rp_date_month & "/" &rp_date_day & "/" & rp_date_year
rp_desc = request.Form("description" )
rp_category = request.Form("category")
rp_code = cleantext(request.Form("co de"))
rp_link_page = request.Form("link_page")
rp_link_brochure = request.Form("link_brochur e")
rp_link_subscribe = request.Form("link_subscri be")
rp_year_start = request.Form("year_start")
rp_year_end = request.Form("year_end")
rp_n_america = request.Form("n_america")
rp_latin = request.Form("latin")
rp_e_europe = request.Form("e_europe")
rp_w_europe = request.Form("w_europe")
rp_middle_east = request.Form("middle_east" )
rp_asia = request.Form("asia")
SQL_query = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values ('" & _
rp_title & "', '" & rp_date & "', '" & rp_desc & "', '" & rp_category & "', '" & rp_code & "', '" & rp_link_page & "', '" & rp_link_brochure & "', '" & rp_link_subscribe & "', '" & rp_year_start & "', '" & rp_year_end & "', '" & rp_n_america & "', '" & rp_latin & "', '" & rp_e_europe & "', '" & rp_w_europe & "', '" & rp_middle_east & "', '" & rp_asia & "');"
Set RS = openConn.Execute(SQL_query )
Set RS = Nothing
End if
Basically, I've been having the problem that if someone puts a single quote into any of the fields, it breaks the code. I've read that by using parameters, I won't have that problem anymore. I can include ADOvbs.inc myself, just get me the code that will work gentleman/ladies. Thanks so much.
--------------------------
The Code
--------------------------
'Open Database Connection
Set openConn = Server.CreateObject("ADODB
openPath= "Driver={SQL Server};" & _
"Server=(local);" & _
"Database=KlineGroup;" & _
"Trusted_Connection=yes"
openConn.open openPath
openConn.close 'make sure old connections are cleaned out
openConn.open openPath
if request.form("formsubmit")
rp_title = request.Form("title")
rp_date_month = request.Form("releasedate_
rp_date_day = request.Form("releasedate_
rp_date_year = request.Form("releasedate_
rp_date = rp_date_month & "/" &rp_date_day & "/" & rp_date_year
rp_desc = request.Form("description"
rp_category = request.Form("category")
rp_code = cleantext(request.Form("co
rp_link_page = request.Form("link_page")
rp_link_brochure = request.Form("link_brochur
rp_link_subscribe = request.Form("link_subscri
rp_year_start = request.Form("year_start")
rp_year_end = request.Form("year_end")
rp_n_america = request.Form("n_america")
rp_latin = request.Form("latin")
rp_e_europe = request.Form("e_europe")
rp_w_europe = request.Form("w_europe")
rp_middle_east = request.Form("middle_east"
rp_asia = request.Form("asia")
SQL_query = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values ('" & _
rp_title & "', '" & rp_date & "', '" & rp_desc & "', '" & rp_category & "', '" & rp_code & "', '" & rp_link_page & "', '" & rp_link_brochure & "', '" & rp_link_subscribe & "', '" & rp_year_start & "', '" & rp_year_end & "', '" & rp_n_america & "', '" & rp_latin & "', '" & rp_e_europe & "', '" & rp_w_europe & "', '" & rp_middle_east & "', '" & rp_asia & "');"
Set RS = openConn.Execute(SQL_query
Set RS = Nothing
End if
need to know the datatypes for each of your params.
Just add in the correct ones.
if request.form("formsubmit") = "true" Then
'Open Database Connection
Set openConn = Server.CreateObject("ADODB .Connectio n")
openPath= "Driver={SQL Server};" & _
"Server=(local);" & _
"Database=KlineGroup;" & _
"Trusted_Connection=yes"
openConn.open openPath
openConn.close 'make sure old connections are cleaned out
openConn.open openPath
Set cmd = Server.CreateObject("ADODB .Command")
With cmd
.ActiveConnection = openConn
.CommandText = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values (?,?,?,?,?,?,?,?,?,?,?,?,? ,?,?,?);"
.Parameters.Append .CreateParameter("@rp_titl e", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_title") = request.Form("title")
rp_date_month = request.Form("releasedate_ month")
rp_date_day = request.Form("releasedate_ day")
rp_date_year = request.Form("releasedate_ year")
rp_date = rp_date_month & "/" & rp_date_day & "/" & rp_date_year
.Parameters.Append .CreateParameter("@rp_date ", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_date") = rp_date
.Parameters.Append .CreateParameter("@rp_desc ", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_desc") = request.Form("description" )
rp_category = request.Form("category")
.Parameters.Append .CreateParameter("@rp_cate gory", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_category" ) = request.Form("category")
.Parameters.Append .CreateParameter("@rp_code ", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_code") = cleantext(request.Form("co de"))
.Parameters.Append .CreateParameter("@rp_link _page", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_link_page ") = request.Form("link_page")
rp_link_brochure = request.Form("link_brochur e")
.Parameters.Append .CreateParameter("@rp_link _brochure" , ad_, adParamInput, <--charCount-->)
.Parameters("@rp_link_broc hure") = request.Form("link_brochur e")
rp_link_subscribe = request.Form("link_subscri be")
.Parameters.Append .CreateParameter("@rp_link _subscribe ", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_link_subs cribe") = request.Form("link_subscri be")
.Parameters.Append .CreateParameter("@rp_year _start", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_year_star t") = request.Form("year_start")
.Parameters.Append .CreateParameter("@rp_year _end", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_year_end" ) = request.Form("year_end")
rp_n_america = request.Form("n_america")
.Parameters.Append .CreateParameter("@rp_n_am erica", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_n_america ") = request.Form("n_america")
rp_latin = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_lati n", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_latin") = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_e_eu rope", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_e_europe" ) = request.Form("e_europe")
rp_w_europe = request.Form("w_europe")
.Parameters.Append .CreateParameter("@rp_w_eu rope", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_w_europe" ) = request.Form("w_europe")
rp_middle_east = request.Form("middle_east" )
.Parameters.Append .CreateParameter("@rp_midd le_east", ad_, adParamInput, <--charCount-->)
.Parameters("@rp_middle_ea st") = request.Form("middle_east" )
rp_asia = request.Form("asia")
.Parameters.Append .CreateParameter("@rp_asia ", ad_<!--need Type-->, adParamInput, <--charCount-->)
.Parameters("@rp_asia") = request.Form("asia")
<!--- for integers just leave off the " , count " ---->
.Execute lngRecs, , adExecuteNoRecords
End With
Set cmd = Nothing
Set RS = openConn.Execute(SQL_query )
Set RS = Nothing
End if
Just add in the correct ones.
if request.form("formsubmit")
'Open Database Connection
Set openConn = Server.CreateObject("ADODB
openPath= "Driver={SQL Server};" & _
"Server=(local);" & _
"Database=KlineGroup;" & _
"Trusted_Connection=yes"
openConn.open openPath
openConn.close 'make sure old connections are cleaned out
openConn.open openPath
Set cmd = Server.CreateObject("ADODB
With cmd
.ActiveConnection = openConn
.CommandText = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values (?,?,?,?,?,?,?,?,?,?,?,?,?
.Parameters.Append .CreateParameter("@rp_titl
.Parameters("@rp_title") = request.Form("title")
rp_date_month = request.Form("releasedate_
rp_date_day = request.Form("releasedate_
rp_date_year = request.Form("releasedate_
rp_date = rp_date_month & "/" & rp_date_day & "/" & rp_date_year
.Parameters.Append .CreateParameter("@rp_date
.Parameters("@rp_date") = rp_date
.Parameters.Append .CreateParameter("@rp_desc
.Parameters("@rp_desc") = request.Form("description"
rp_category = request.Form("category")
.Parameters.Append .CreateParameter("@rp_cate
.Parameters("@rp_category"
.Parameters.Append .CreateParameter("@rp_code
.Parameters("@rp_code") = cleantext(request.Form("co
.Parameters.Append .CreateParameter("@rp_link
.Parameters("@rp_link_page
rp_link_brochure = request.Form("link_brochur
.Parameters.Append .CreateParameter("@rp_link
.Parameters("@rp_link_broc
rp_link_subscribe = request.Form("link_subscri
.Parameters.Append .CreateParameter("@rp_link
.Parameters("@rp_link_subs
.Parameters.Append .CreateParameter("@rp_year
.Parameters("@rp_year_star
.Parameters.Append .CreateParameter("@rp_year
.Parameters("@rp_year_end"
rp_n_america = request.Form("n_america")
.Parameters.Append .CreateParameter("@rp_n_am
.Parameters("@rp_n_america
rp_latin = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_lati
.Parameters("@rp_latin") = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_e_eu
.Parameters("@rp_e_europe"
rp_w_europe = request.Form("w_europe")
.Parameters.Append .CreateParameter("@rp_w_eu
.Parameters("@rp_w_europe"
rp_middle_east = request.Form("middle_east"
.Parameters.Append .CreateParameter("@rp_midd
.Parameters("@rp_middle_ea
rp_asia = request.Form("asia")
.Parameters.Append .CreateParameter("@rp_asia
.Parameters("@rp_asia") = request.Form("asia")
<!--- for integers just leave off the " , count " ---->
.Execute lngRecs, , adExecuteNoRecords
End With
Set cmd = Nothing
Set RS = openConn.Execute(SQL_query
Set RS = Nothing
End if
Opps sorry after this line:
.CommandText = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values (?,?,?,?,?,?,?,?,?,?,?,?,? ,?,?,?);"
Add:
.CommandType = adCmdText
.CommandText = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values (?,?,?,?,?,?,?,?,?,?,?,?,?
Add:
.CommandType = adCmdText
ASKER
Thanks!
The points are as good as yours. Here are the data-types, if you could just plug in the right settings, that would be great!
rp_title, varchar(MAX)
rp_date, smalldatetime
rp_desc, text
rp_category, int
rp_code, varchar(MAX)
rp_link_page, varchar(MAX)
rp_link_brochure, varchar(MAX)
rp_link_subscribe, varchar(MAX)
rp_year_start, int
rp_year_end, int
rp_n_america, bit
rp_latin, bit
rp_e_europe, bit
rp_w_europe, bit
rp_middle_east, bit
rp_asia, bit
THANK YOU!
The points are as good as yours. Here are the data-types, if you could just plug in the right settings, that would be great!
rp_title, varchar(MAX)
rp_date, smalldatetime
rp_desc, text
rp_category, int
rp_code, varchar(MAX)
rp_link_page, varchar(MAX)
rp_link_brochure, varchar(MAX)
rp_link_subscribe, varchar(MAX)
rp_year_start, int
rp_year_end, int
rp_n_america, bit
rp_latin, bit
rp_e_europe, bit
rp_w_europe, bit
rp_middle_east, bit
rp_asia, bit
THANK YOU!
ASKER
Well... it appears my first expert moved on... anyone else like to finish it for split points?
if request.form("formsubmit") = "true" Then
'Open Database Connection
Set openConn = Server.CreateObject("ADODB .Connectio n")
openPath= "Driver={SQL Server};" & _
"Server=(local);" & _
"Database=KlineGroup;" & _
"Trusted_Connection=yes"
openConn.open openPath
openConn.close 'make sure old connections are cleaned out
openConn.open openPath
Set cmd = Server.CreateObject("ADODB .Command")
With cmd
.ActiveConnection = openConn
.CommandText = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values (?,?,?,?,?,?,?,?,?,?,?,?,? ,?,?,?);"
.Parameters.Append .CreateParameter("@rp_titl e", adLongVarChar, adParamInput, -1)
.Parameters("@rp_title") = request.Form("title")
rp_date_month = request.Form("releasedate_ month")
rp_date_day = request.Form("releasedate_ day")
rp_date_year = request.Form("releasedate_ year")
rp_date = rp_date_month & "/" & rp_date_day & "/" & rp_date_year
.Parameters.Append .CreateParameter("@rp_date ", adDBTimeStamp, adParamInput)
.Parameters("@rp_date") = rp_date
.Parameters.Append .CreateParameter("@rp_desc ", adLongVarChar, adParamInput, -1)
.Parameters("@rp_desc") = request.Form("description" )
rp_category = request.Form("category")
.Parameters.Append .CreateParameter("@rp_cate gory", adInteger, adParamInput)
.Parameters("@rp_category" ) = request.Form("category")
.Parameters.Append .CreateParameter("@rp_code ", adLongVarChar, adParamInput, -1)
.Parameters("@rp_code") = cleantext(request.Form("co de"))
.Parameters.Append .CreateParameter("@rp_link _page", adLongVarChar, adParamInput, -1)
.Parameters("@rp_link_page ") = request.Form("link_page")
rp_link_brochure = request.Form("link_brochur e")
.Parameters.Append .CreateParameter("@rp_link _brochure" , adLongVarChar, adParamInput, -1)
.Parameters("@rp_link_broc hure") = request.Form("link_brochur e")
rp_link_subscribe = request.Form("link_subscri be")
.Parameters.Append .CreateParameter("@rp_link _subscribe ", adLongVarChar, adParamInput, -1)
.Parameters("@rp_link_subs cribe") = request.Form("link_subscri be")
.Parameters.Append .CreateParameter("@rp_year _start", adInteger, adParamInput)
.Parameters("@rp_year_star t") = request.Form("year_start")
.Parameters.Append .CreateParameter("@rp_year _end", adInteger, adParamInput)
.Parameters("@rp_year_end" ) = request.Form("year_end")
rp_n_america = request.Form("n_america")
.Parameters.Append .CreateParameter("@rp_n_am erica", adBoolean, adParamInput)
.Parameters("@rp_n_america ") = request.Form("n_america")
rp_latin = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_lati n", adBoolean, adParamInput)
.Parameters("@rp_latin") = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_e_eu rope", adBoolean, adParamInput)
.Parameters("@rp_e_europe" ) = request.Form("e_europe")
rp_w_europe = request.Form("w_europe")
.Parameters.Append .CreateParameter("@rp_w_eu rope", adBoolean, adParamInput)
.Parameters("@rp_w_europe" ) = request.Form("w_europe")
rp_middle_east = request.Form("middle_east" )
.Parameters.Append .CreateParameter("@rp_midd le_east", adBoolean, adParamInput)
.Parameters("@rp_middle_ea st") = request.Form("middle_east" )
rp_asia = request.Form("asia")
.Parameters.Append .CreateParameter("@rp_asia ", adBoolean, adParamInput)
.Parameters("@rp_asia") = request.Form("asia")
.Execute lngRecs, , adExecuteNoRecords
End With
Set cmd = Nothing
Set RS = openConn.Execute(SQL_query )
Set RS = Nothing
End if
'K that should be it. We might have to troubleshoot a little.
'Open Database Connection
Set openConn = Server.CreateObject("ADODB
openPath= "Driver={SQL Server};" & _
"Server=(local);" & _
"Database=KlineGroup;" & _
"Trusted_Connection=yes"
openConn.open openPath
openConn.close 'make sure old connections are cleaned out
openConn.open openPath
Set cmd = Server.CreateObject("ADODB
With cmd
.ActiveConnection = openConn
.CommandText = "INSERT into report (rp_title, rp_date, rp_desc, rp_category, rp_code, rp_link_page, rp_link_brochure, rp_link_subscribe, rp_year_start, rp_year_end, rp_n_america, rp_latin, rp_e_europe, rp_w_europe, rp_middle_east, rp_asia) values (?,?,?,?,?,?,?,?,?,?,?,?,?
.Parameters.Append .CreateParameter("@rp_titl
.Parameters("@rp_title") = request.Form("title")
rp_date_month = request.Form("releasedate_
rp_date_day = request.Form("releasedate_
rp_date_year = request.Form("releasedate_
rp_date = rp_date_month & "/" & rp_date_day & "/" & rp_date_year
.Parameters.Append .CreateParameter("@rp_date
.Parameters("@rp_date") = rp_date
.Parameters.Append .CreateParameter("@rp_desc
.Parameters("@rp_desc") = request.Form("description"
rp_category = request.Form("category")
.Parameters.Append .CreateParameter("@rp_cate
.Parameters("@rp_category"
.Parameters.Append .CreateParameter("@rp_code
.Parameters("@rp_code") = cleantext(request.Form("co
.Parameters.Append .CreateParameter("@rp_link
.Parameters("@rp_link_page
rp_link_brochure = request.Form("link_brochur
.Parameters.Append .CreateParameter("@rp_link
.Parameters("@rp_link_broc
rp_link_subscribe = request.Form("link_subscri
.Parameters.Append .CreateParameter("@rp_link
.Parameters("@rp_link_subs
.Parameters.Append .CreateParameter("@rp_year
.Parameters("@rp_year_star
.Parameters.Append .CreateParameter("@rp_year
.Parameters("@rp_year_end"
rp_n_america = request.Form("n_america")
.Parameters.Append .CreateParameter("@rp_n_am
.Parameters("@rp_n_america
rp_latin = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_lati
.Parameters("@rp_latin") = request.Form("latin")
.Parameters.Append .CreateParameter("@rp_e_eu
.Parameters("@rp_e_europe"
rp_w_europe = request.Form("w_europe")
.Parameters.Append .CreateParameter("@rp_w_eu
.Parameters("@rp_w_europe"
rp_middle_east = request.Form("middle_east"
.Parameters.Append .CreateParameter("@rp_midd
.Parameters("@rp_middle_ea
rp_asia = request.Form("asia")
.Parameters.Append .CreateParameter("@rp_asia
.Parameters("@rp_asia") = request.Form("asia")
.Execute lngRecs, , adExecuteNoRecords
End With
Set cmd = Nothing
Set RS = openConn.Execute(SQL_query
Set RS = Nothing
End if
'K that should be it. We might have to troubleshoot a little.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Your awesome! thanks so much.
ASKER
Whoops! Got an error:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC SQL Server Driver][SQL Server]Parameterized Query '(@P1 text,@P2 datetime,@P3 text,@P4 int,@P5 text,@P6 text,@P7 te' expects parameter @P11, which was not supplied.
/admin/report2.asp, line 93
Please help!
Thanks
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC SQL Server Driver][SQL Server]Parameterized Query '(@P1 text,@P2 datetime,@P3 text,@P4 int,@P5 text,@P6 text,@P7 te' expects parameter @P11, which was not supplied.
/admin/report2.asp, line 93
Please help!
Thanks
You are going to have to make sure that the proper validation is happening against the request variables.
Make sure that they are not null etc. You asked for a parameterized query.
one thing you could do is response.write out the request variable data so that you can see what is missing or messing up the query.
if you are using the post method you could do this at the start of the processing page.
response.write request.form
response.end
so if n_america is messing you up I would wonder if it is a check box or something like that because those items won't even exist if it isn't checked I believe.
Make sure that they are not null etc. You asked for a parameterized query.
one thing you could do is response.write out the request variable data so that you can see what is missing or messing up the query.
if you are using the post method you could do this at the start of the processing page.
response.write request.form
response.end
so if n_america is messing you up I would wonder if it is a check box or something like that because those items won't even exist if it isn't checked I believe.
ASKER
Hi,
The answer was that checkboxes do not send anything when they aren't checked, so the Reponse.Write value had to be tested and replaced as follows:
'Checkboxes don't send if blank
if request.Form("n_america") = "" then
rp_n_america = false
else
rp_n_america = true
end if
.Parameters.Append .CreateParameter("@rp_n_am erica", adBoolean, adParamInput)
.Parameters("@rp_n_america ") = rp_n_america
if request.Form("latin") = "" then
rp_latin = false
else
rp_latin = true
end if
.Parameters.Append .CreateParameter("@rp_lati n", adBoolean, adParamInput)
.Parameters("@rp_latin") = rp_latin
if request.Form("e_europe") = "" then
rp_e_europe = false
else
rp_e_europe = true
end if
.Parameters.Append .CreateParameter("@rp_e_eu rope", adBoolean, adParamInput)
.Parameters("@rp_e_europe" ) = rp_e_europe
if request.Form("w_europe") = "" then
rp_w_europe = false
else
rp_w_europe = true
end if
.Parameters.Append .CreateParameter("@rp_w_eu rope", adBoolean, adParamInput)
.Parameters("@rp_w_europe" ) = rp_w_europe
if request.Form("middle_east" ) = "" then
rp_middle_east = false
else
rp_middle_east = true
end if
.Parameters.Append .CreateParameter("@rp_midd le_east", adBoolean, adParamInput)
.Parameters("@rp_middle_ea st") = rp_middle_east
if request.Form("n_asia") = "" then
rp_asia = false
else
rp_asia = true
end if
.Parameters.Append .CreateParameter("@rp_asia ", adBoolean, adParamInput)
.Parameters("@rp_asia") = rp_asia
The answer was that checkboxes do not send anything when they aren't checked, so the Reponse.Write value had to be tested and replaced as follows:
'Checkboxes don't send if blank
if request.Form("n_america") = "" then
rp_n_america = false
else
rp_n_america = true
end if
.Parameters.Append .CreateParameter("@rp_n_am
.Parameters("@rp_n_america
if request.Form("latin") = "" then
rp_latin = false
else
rp_latin = true
end if
.Parameters.Append .CreateParameter("@rp_lati
.Parameters("@rp_latin") = rp_latin
if request.Form("e_europe") = "" then
rp_e_europe = false
else
rp_e_europe = true
end if
.Parameters.Append .CreateParameter("@rp_e_eu
.Parameters("@rp_e_europe"
if request.Form("w_europe") = "" then
rp_w_europe = false
else
rp_w_europe = true
end if
.Parameters.Append .CreateParameter("@rp_w_eu
.Parameters("@rp_w_europe"
if request.Form("middle_east"
rp_middle_east = false
else
rp_middle_east = true
end if
.Parameters.Append .CreateParameter("@rp_midd
.Parameters("@rp_middle_ea
if request.Form("n_asia") = "" then
rp_asia = false
else
rp_asia = true
end if
.Parameters.Append .CreateParameter("@rp_asia
.Parameters("@rp_asia") = rp_asia
Function InsertAP(n)
If n <> "" Then
If Instr(n,"'")<>0 Then
InsertAP = Replace(n,"'","''")
Else
InsertAP = n
End If
End If
End Function
rp_title = InsertAP(request.Form("tit
rp_date_month = InsertAP(request.Form("rel
rp_date_day = InsertAP(request.Form("rel
rp_date_year = InsertAP(request.Form("rel
rp_date = InsertAP(rp_date_month & "/" &rp_date_day & "/" & rp_date_year
rp_desc = InsertAP(request.Form("des
rp_category = InsertAP(request.Form("cat
rp_code = cleantext(request.Form("co
rp_link_page = InsertAP(request.Form("lin
rp_link_brochure = InsertAP(request.Form("lin
rp_link_subscribe = InsertAP(request.Form("lin
rp_year_start = InsertAP(request.Form("yea
rp_year_end = InsertAP(request.Form("yea
rp_n_america = InsertAP(request.Form("n_a
rp_latin = InsertAP(request.Form("lat
rp_e_europe = InsertAP(request.Form("e_e
rp_w_europe = InsertAP(request.Form("w_e
rp_middle_east = InsertAP(request.Form("mid
rp_asia = InsertAP(request.Form("asi