jay1971a
asked on
Classic ASP. Validate data in a form and post the result to a URL.
Hi,
I'm a complete novice when it comes to classic asp and was wondering if anyone could show me how to create a form which collects a CustomerID, Email Address and Password then validates this data in a database to check that the customerID is valid. If valid, the information will be posted to a url, otherwise we'll re-direct to an error page.
I come from an event driven programming background and have already wrapped the database validation code in a function, so I'm really just looking for a way to control the program flow by passing the CustomerID to the function and acting depending on the result.
I could do it in VB.Net without a problem but Classic ASP is a steep learning curve and time is tight.
Thanks.
Jay.
I'm a complete novice when it comes to classic asp and was wondering if anyone could show me how to create a form which collects a CustomerID, Email Address and Password then validates this data in a database to check that the customerID is valid. If valid, the information will be posted to a url, otherwise we'll re-direct to an error page.
I come from an event driven programming background and have already wrapped the database validation code in a function, so I'm really just looking for a way to control the program flow by passing the CustomerID to the function and acting depending on the result.
I could do it in VB.Net without a problem but Classic ASP is a steep learning curve and time is tight.
Thanks.
Jay.
ASKER
Hi,
I just need to check that the customerID exists in the customers table and that it is active.
Thanks.
I just need to check that the customerID exists in the customers table and that it is active.
Thanks.
you could try this sample code
http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=4&txtCodeId=7206
http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=4&txtCodeId=7206
jay1971a --
What kind of database are you connecting to (i.e. SQL Server, Access), and what version (e.g. 2005, 2003, 2005)?
-= DeathToSpam =-
What kind of database are you connecting to (i.e. SQL Server, Access), and what version (e.g. 2005, 2003, 2005)?
-= DeathToSpam =-
let's say you have a form that has an input field called 'custid'. once the form get's submitted and you could have an ASP script that has the following code below. In the script you would do the following:
<%
dim mConn
dim mRS
set mConn = server.createobject("ADODB
mConn.open "connection string to whatever - SQL Server, etc."
set mRS = server.createobject("ADODB
mRS.Open "select * from custtable where custid=" & request.form("custid") & "'", mConn
if not mRS.EOF then
response.write "Found the ID"
else
response.write "ID does not exist in DB"
end if
mRS.Close
set mRS = Nothing
mConn.Close
set mConn = Nothing
%>
<%
dim mConn
dim mRS
set mConn = server.createobject("ADODB
mConn.open "connection string to whatever - SQL Server, etc."
set mRS = server.createobject("ADODB
mRS.Open "select * from custtable where custid=" & request.form("custid") & "'", mConn
if not mRS.EOF then
response.write "Found the ID"
else
response.write "ID does not exist in DB"
end if
mRS.Close
set mRS = Nothing
mConn.Close
set mConn = Nothing
%>
form.html to take in the custid
<html>
<body>
<form action='process.asp' method='post'>
<input type='text' name='custid' />
<input type='submit' />
</form>
</body>
</html>
NOTE - the input field is called CUSTID
process.asp is below -
<html>
<body>
<%
dim mConn
dim mRS
set mConn = server.createobject("ADODB
mConn.open "connection string to whatever - SQL Server, etc."
set mRS = server.createobject("ADODB
mRS.Open "select * from custtable where custid=" & request.form("custid") & "'", mConn
if not mRS.EOF then
response.write "Found the ID"
else
response.write "ID does not exist in DB"
end if
mRS.Close
set mRS = Nothing
mConn.Close
set mConn = Nothing
%>
</body>
</html>
jay1971a --
Try this code out. You'll only need to change two lines of code to get it to work:
1) Modify the value of the DATABASE_CONNECTION_STRING
2) Modify the value of sSqlQuery variable so that it checks your table to see if the Customer ID exists.
==========================
<% Option Explicit
Response.Buffer = True
Dim bIsPostback, sCustomerID, sEmailAddress, sPassword, sDisplayMessageHTML
Dim sSqlQuery, oConnection, oRecordset, bCustomerIdExists, sRedirectURL
'// NOTE: You need to enter this information to connect to your database.
Const DATABASE_CONNECTION_STRING
ASENAME;Uid=USERNAME;Pwd=P
bIsPostback = (Trim(Request.Form("IsPost
sDisplayMessageHTML = ""
If (NOT bIsPostback) Then
'// This is the user's first time visiting the page.
sCustomerID = "": sEmailAddress = "": sPassword = ""
Else
'// User has been to the page before.
sCustomerID = Trim(Request.Form("Custome
sEmailAddress = Trim(Request.Form("EmailAd
sPassword = Trim(Request.Form("Passwor
If (sCustomerID = "") Then
'// ERROR: Customer ID is blank.
sDisplayMessageHTML = "Please enter the value for the <b>Customer ID</b> field."
ElseIf NOT IsNumeric(sCustomerID) Then
'// ERROR: Customer ID was specified, but is not a valid number.
sDisplayMessageHTML = "Please enter a valid number for the <b>Customer ID</b> field."
ElseIf (sEmailAddress = "") Then
'// ERROR: Email Address is blank.
sDisplayMessageHTML = "Please enter the value for the <b>Email Address</b> field."
ElseIf (sPassword = "") Then
'// ERROR: Password is blank.
sDisplayMessageHTML = "Please enter the value for the <b>Password</b> field."
Else
'// Check to see if the specified customer ID exists in the database.
'// NOTE: You need to change "TableName" and "CustomerID" to reflect your table's info.
'sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM TableName WHERE CustomerID = " & sCustomerID
sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM client_batches WHERE client_id = " & sCustomerID
Set oConnection = Server.CreateObject("ADODB
Call oConnection.Open(DATABASE_
Set oRecordset = oConnection.Execute(sSqlQu
bCustomerIdExists = (NOT oRecordset.EOF)
Set oRecordset = Nothing
Call oConnection.Close(): Set oConnection = Nothing
If NOT bCustomerIdExists Then
'// ERROR: Customer ID is a valid number, but could not be found in the database.
sDisplayMessageHTML = "The customer ID you specified could not be found."
Else
'// Here is where you create the URL you want to redirect to.
sRedirectURL = "http://www.somewhere.com/somepage.asp?customerID=" & Server.URLEncode(sCustomer
sRedirectURL = sRedirectURL & "&emailaddress=" & Server.URLEncode(sEmailAdd
sRedirectURL = sRedirectURL & "&password=" & Server.URLEncode(sPassword
'// Uncomment this line if you want to redirect to the page.
'Call Response.Clear(): Call Response.Redirect(sRedirec
'// Debugging code to see what the URL is you'll be redirecting to.
Call Response.Write("<b>sRedire
Call Response.End()
End If
End If
End If %>
<html>
<head><title>jay1971a's answer</title></head>
<body>
<form action="<%=Request.ServerV
<input type="hidden" name="IsPostback" value="True">
<div style="width:600px;">
<% If (sDisplayMessageHTML <> "") Then %>
<div style="border:1px solid black;padding:10px;margin-
<% End If %>
<table>
<tr>
<td><b>Customer ID</b></td>
<td><input type="text" name="CustomerID" size="35" value="<%=Server.HTMLEncod
</tr>
<tr>
<td><b>Email Address</b></td>
<td><input type="text" name="EmailAddress" size="35" value="<%=Server.HTMLEncod
</tr>
<tr>
<td><b>Password</b></td>
<td><input type="password" name="Password" size="35" value="<%=Server.HTMLEncod
</tr>
<tr><td colspan="2"> </td></t
<tr>
<td><input type="submit" value="Submit Info"></td>
<td><input type="button" value="Start Over" onclick="document.location
</tr>
</table>
</div>
</form>
</body>
</html>
==========================
-= DeathToSpam =-
Try this code out. You'll only need to change two lines of code to get it to work:
1) Modify the value of the DATABASE_CONNECTION_STRING
2) Modify the value of sSqlQuery variable so that it checks your table to see if the Customer ID exists.
==========================
<% Option Explicit
Response.Buffer = True
Dim bIsPostback, sCustomerID, sEmailAddress, sPassword, sDisplayMessageHTML
Dim sSqlQuery, oConnection, oRecordset, bCustomerIdExists, sRedirectURL
'// NOTE: You need to enter this information to connect to your database.
Const DATABASE_CONNECTION_STRING
ASENAME;Uid=USERNAME;Pwd=P
bIsPostback = (Trim(Request.Form("IsPost
sDisplayMessageHTML = ""
If (NOT bIsPostback) Then
'// This is the user's first time visiting the page.
sCustomerID = "": sEmailAddress = "": sPassword = ""
Else
'// User has been to the page before.
sCustomerID = Trim(Request.Form("Custome
sEmailAddress = Trim(Request.Form("EmailAd
sPassword = Trim(Request.Form("Passwor
If (sCustomerID = "") Then
'// ERROR: Customer ID is blank.
sDisplayMessageHTML = "Please enter the value for the <b>Customer ID</b> field."
ElseIf NOT IsNumeric(sCustomerID) Then
'// ERROR: Customer ID was specified, but is not a valid number.
sDisplayMessageHTML = "Please enter a valid number for the <b>Customer ID</b> field."
ElseIf (sEmailAddress = "") Then
'// ERROR: Email Address is blank.
sDisplayMessageHTML = "Please enter the value for the <b>Email Address</b> field."
ElseIf (sPassword = "") Then
'// ERROR: Password is blank.
sDisplayMessageHTML = "Please enter the value for the <b>Password</b> field."
Else
'// Check to see if the specified customer ID exists in the database.
'// NOTE: You need to change "TableName" and "CustomerID" to reflect your table's info.
'sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM TableName WHERE CustomerID = " & sCustomerID
sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM client_batches WHERE client_id = " & sCustomerID
Set oConnection = Server.CreateObject("ADODB
Call oConnection.Open(DATABASE_
Set oRecordset = oConnection.Execute(sSqlQu
bCustomerIdExists = (NOT oRecordset.EOF)
Set oRecordset = Nothing
Call oConnection.Close(): Set oConnection = Nothing
If NOT bCustomerIdExists Then
'// ERROR: Customer ID is a valid number, but could not be found in the database.
sDisplayMessageHTML = "The customer ID you specified could not be found."
Else
'// Here is where you create the URL you want to redirect to.
sRedirectURL = "http://www.somewhere.com/somepage.asp?customerID=" & Server.URLEncode(sCustomer
sRedirectURL = sRedirectURL & "&emailaddress=" & Server.URLEncode(sEmailAdd
sRedirectURL = sRedirectURL & "&password=" & Server.URLEncode(sPassword
'// Uncomment this line if you want to redirect to the page.
'Call Response.Clear(): Call Response.Redirect(sRedirec
'// Debugging code to see what the URL is you'll be redirecting to.
Call Response.Write("<b>sRedire
Call Response.End()
End If
End If
End If %>
<html>
<head><title>jay1971a's answer</title></head>
<body>
<form action="<%=Request.ServerV
<input type="hidden" name="IsPostback" value="True">
<div style="width:600px;">
<% If (sDisplayMessageHTML <> "") Then %>
<div style="border:1px solid black;padding:10px;margin-
<% End If %>
<table>
<tr>
<td><b>Customer ID</b></td>
<td><input type="text" name="CustomerID" size="35" value="<%=Server.HTMLEncod
</tr>
<tr>
<td><b>Email Address</b></td>
<td><input type="text" name="EmailAddress" size="35" value="<%=Server.HTMLEncod
</tr>
<tr>
<td><b>Password</b></td>
<td><input type="password" name="Password" size="35" value="<%=Server.HTMLEncod
</tr>
<tr><td colspan="2"> </td></t
<tr>
<td><input type="submit" value="Submit Info"></td>
<td><input type="button" value="Start Over" onclick="document.location
</tr>
</table>
</div>
</form>
</body>
</html>
==========================
-= DeathToSpam =-
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That's excellent!
Precisely what I needed.
Thanks very much.
Jay.
Precisely what I needed.
Thanks very much.
Jay.
No problem. :) It's definitely a lot more code than you should be expected to write on your own as a Classic ASP novice. But hopefully it's straightforward enough that you can understand what's there, and how it all works. Either way, I'm glad it works for you.
-= DeathToSpam =-
-= DeathToSpam =-
When you say that you want to make sure the "CustomerID is valid", what does that mean? Are you checking only to make sure that the CustomerID the user enters already exists? Or is there something else I'm missing?
-= DeathToSpam =-