?
Solved

Classic ASP. Validate data in a form and post the result to a URL.

Posted on 2006-11-16
10
Medium Priority
?
794 Views
Last Modified: 2008-01-09
Hi,

I'm a complete novice when it comes to classic asp and was wondering if anyone could show me how to create a form which collects a CustomerID, Email Address and Password then validates this data in a database to check that the customerID is valid. If valid, the information will be posted to a url, otherwise we'll re-direct to an error page.

I come from an event driven programming background and have already wrapped the database validation code in a function, so I'm really just looking for a way to control the program flow by passing the CustomerID to the function and acting depending on the result.

I could do it in VB.Net without a problem but Classic ASP is a steep learning curve and time is tight.

Thanks.

Jay.
0
Comment
Question by:jay1971a
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 9

Expert Comment

by:deathtospam
ID: 17957789
jay1971a --

When you say that you want to make sure the "CustomerID is valid", what does that mean?  Are you checking only to make sure that the CustomerID the user enters already exists?  Or is there something else I'm missing?


-= DeathToSpam =-
0
 

Author Comment

by:jay1971a
ID: 17957807
Hi,

I just need to check that the customerID exists in the customers table and that it is active.

Thanks.
0
 
LVL 6

Expert Comment

by:iscode
ID: 17958352
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 9

Expert Comment

by:deathtospam
ID: 17958756
jay1971a --

What kind of database are you connecting to (i.e. SQL Server, Access), and what version (e.g. 2005, 2003, 2005)?


-= DeathToSpam =-
0
 
LVL 13

Expert Comment

by:samic400
ID: 17958759
let's say you have a form that has an input field called 'custid'. once the form get's submitted and you could have an ASP script that has the following code below. In the script you would do the following:

<%
dim mConn
dim mRS

set mConn = server.createobject("ADODB.CONNECTION")
mConn.open "connection string to whatever - SQL Server, etc."

set mRS = server.createobject("ADODB.RECORDSET")
mRS.Open "select * from custtable where custid=" & request.form("custid") & "'", mConn

if not mRS.EOF then
      response.write "Found the ID"
 else
     response.write "ID does not exist in DB"
end if

mRS.Close
set mRS = Nothing

mConn.Close
set mConn = Nothing

%>
0
 
LVL 13

Expert Comment

by:samic400
ID: 17958804

form.html to take in the custid

<html>
<body>
<form action='process.asp' method='post'>
<input type='text' name='custid' />
<input type='submit' />
</form>
</body>
</html>

NOTE - the input field is called CUSTID

process.asp is below -

<html>
<body>
<%
dim mConn
dim mRS

set mConn = server.createobject("ADODB.CONNECTION")
mConn.open "connection string to whatever - SQL Server, etc."

set mRS = server.createobject("ADODB.RECORDSET")
mRS.Open "select * from custtable where custid=" & request.form("custid") & "'", mConn

if not mRS.EOF then
      response.write "Found the ID"
 else
     response.write "ID does not exist in DB"
end if

mRS.Close
set mRS = Nothing

mConn.Close
set mConn = Nothing

%>
</body>
</html>
0
 
LVL 9

Expert Comment

by:deathtospam
ID: 17959031
jay1971a --

Try this code out.  You'll only need to change two lines of code to get it to work:

1) Modify the value of the DATABASE_CONNECTION_STRING constant so that it points to your database.
2) Modify the value of sSqlQuery variable so that it checks your table to see if the Customer ID exists.

======================================================
<%      Option Explicit
      Response.Buffer = True

      Dim bIsPostback, sCustomerID, sEmailAddress, sPassword, sDisplayMessageHTML
      Dim sSqlQuery, oConnection, oRecordset, bCustomerIdExists, sRedirectURL
      
      '// NOTE: You need to enter this information to connect to your database.
      Const DATABASE_CONNECTION_STRING = "Driver={SQL Server};Server=SERVERNAME;Database=DATAB
ASENAME;Uid=USERNAME;Pwd=PASSWORD;

      bIsPostback = (Trim(Request.Form("IsPostback")) <> "")
      sDisplayMessageHTML = ""

      If (NOT bIsPostback) Then
            '// This is the user's first time visiting the page.
            sCustomerID = "":  sEmailAddress = "":  sPassword = ""
      Else
            '// User has been to the page before.
            sCustomerID = Trim(Request.Form("CustomerID"))
            sEmailAddress = Trim(Request.Form("EmailAddress"))
            sPassword = Trim(Request.Form("Password"))

            If (sCustomerID = "") Then
                  '// ERROR: Customer ID is blank.
                  sDisplayMessageHTML = "Please enter the value for the <b>Customer ID</b> field."
            ElseIf NOT IsNumeric(sCustomerID) Then
                  '// ERROR: Customer ID was specified, but is not a valid number.
                  sDisplayMessageHTML = "Please enter a valid number for the <b>Customer ID</b> field."
            ElseIf (sEmailAddress = "") Then
                  '// ERROR: Email Address is blank.
                  sDisplayMessageHTML = "Please enter the value for the <b>Email Address</b> field."
            ElseIf (sPassword = "") Then
                  '// ERROR: Password is blank.
                  sDisplayMessageHTML = "Please enter the value for the <b>Password</b> field."
            Else
                  '// Check to see if the specified customer ID exists in the database.
                  '// NOTE: You need to change "TableName" and "CustomerID" to reflect your table's info.
                  'sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM TableName WHERE CustomerID = " & sCustomerID
                  sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM client_batches WHERE client_id = " & sCustomerID

                  Set oConnection = Server.CreateObject("ADODB.Connection")
                  Call oConnection.Open(DATABASE_CONNECTION_STRING)
                  Set oRecordset = oConnection.Execute(sSqlQuery)
                        bCustomerIdExists = (NOT oRecordset.EOF)
                  Set oRecordset = Nothing
                  Call oConnection.Close():  Set oConnection = Nothing

                  If NOT bCustomerIdExists Then
                        '// ERROR: Customer ID is a valid number, but could not be found in the database.
                        sDisplayMessageHTML = "The customer ID you specified could not be found."
                  Else
                        '// Here is where you create the URL you want to redirect to.
                        sRedirectURL = "http://www.somewhere.com/somepage.asp?customerID=" & Server.URLEncode(sCustomerID)
                        sRedirectURL = sRedirectURL & "&emailaddress=" & Server.URLEncode(sEmailAddress)
                        sRedirectURL = sRedirectURL & "&password=" & Server.URLEncode(sPassword)

                        '// Uncomment this line if you want to redirect to the page.
                        'Call Response.Clear():  Call Response.Redirect(sRedirectURL)
                        
                        '// Debugging code to see what the URL is you'll be redirecting to.
                        Call Response.Write("<b>sRedirectURL</b> = [<u>" & Server.HTMLEncode(sRedirectURL) & "</u>]<br>" & vbNewLine)
                        Call Response.End()
                  End If
            End If
      End If %>
<html>
      <head><title>jay1971a's answer</title></head>
      <body>
            <form action="<%=Request.ServerVariables("SCRIPT_NAME")%>" method="post">
            <input type="hidden" name="IsPostback" value="True">
            
            <div style="width:600px;">
<%      If (sDisplayMessageHTML <> "") Then %>
            <div style="border:1px solid black;padding:10px;margin-bottom:20px;text-align:center;font-weight:bold;color:red;"><%=sDisplayMessageHTML%></div>
<%      End If %>

            <table>
                  <tr>
                        <td><b>Customer ID</b></td>
                        <td><input type="text" name="CustomerID" size="35" value="<%=Server.HTMLEncode(sCustomerID)%>"></td>
                  </tr>
                  <tr>
                        <td><b>Email Address</b></td>
                        <td><input type="text" name="EmailAddress" size="35" value="<%=Server.HTMLEncode(sEmailAddress)%>"></td>
                  </tr>
                  <tr>
                        <td><b>Password</b></td>
                        <td><input type="password" name="Password" size="35" value="<%=Server.HTMLEncode(sPassword)%>"></td>
                  </tr>
                  <tr><td colspan="2">&nbsp;</td></td>
                  <tr>
                        <td><input type="submit" value="Submit Info"></td>
                        <td><input type="button" value="Start Over" onclick="document.location.href = document.location.href;"></td>
                  </tr>
            </table>
            </div>

            </form>
      </body>
</html>
======================================================



-= DeathToSpam =-
0
 
LVL 9

Accepted Solution

by:
deathtospam earned 2000 total points
ID: 17959154
jay1971a --

Try this code out.  You'll only need to change two lines of code to get it to work:

1) Modify the value of the DATABASE_CONNECTION_STRING constant so that it points to your database.
2) Modify the value of sSqlQuery variable so that it checks your table to see if the Customer ID exists.

======================================================
<%     Option Explicit
     Response.Buffer = True

     Dim bIsPostback, sCustomerID, sEmailAddress, sPassword, sDisplayMessageHTML
     Dim sSqlQuery, oConnection, oRecordset, bCustomerIdExists, sRedirectURL
     
     '// NOTE: You need to enter this information to connect to your database.
     Const DATABASE_CONNECTION_STRING = "Driver={SQL Server};Server=SERVERNAME;Database=DATABASENAME;Uid=USERNAME;Pwd=PASSWORD;"

     bIsPostback = (Trim(Request.Form("IsPostback")) <> "")
     sDisplayMessageHTML = ""

     If (NOT bIsPostback) Then
          '// This is the user's first time visiting the page.
          sCustomerID = "":  sEmailAddress = "":  sPassword = ""
     Else
          '// User has been to the page before.
          sCustomerID = Trim(Request.Form("CustomerID"))
          sEmailAddress = Trim(Request.Form("EmailAddress"))
          sPassword = Trim(Request.Form("Password"))

          If (sCustomerID = "") Then
               '// ERROR: Customer ID is blank.
               sDisplayMessageHTML = "Please enter the value for the <b>Customer ID</b> field."
          ElseIf NOT IsNumeric(sCustomerID) Then
               '// ERROR: Customer ID was specified, but is not a valid number.
               sDisplayMessageHTML = "Please enter a valid number for the <b>Customer ID</b> field."
          ElseIf (sEmailAddress = "") Then
               '// ERROR: Email Address is blank.
               sDisplayMessageHTML = "Please enter the value for the <b>Email Address</b> field."
          ElseIf (sPassword = "") Then
               '// ERROR: Password is blank.
               sDisplayMessageHTML = "Please enter the value for the <b>Password</b> field."
          Else
               '// Check to see if the specified customer ID exists in the database.
               '// NOTE: You need to change "TableName" and "CustomerID" to reflect your table's info.
               'sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM TableName WHERE CustomerID = " & sCustomerID
               sSqlQuery = "SELECT 'True' AS [CustomerIdExists] FROM client_batches WHERE client_id = " & sCustomerID

               Set oConnection = Server.CreateObject("ADODB.Connection")
               Call oConnection.Open(DATABASE_CONNECTION_STRING)
               Set oRecordset = oConnection.Execute(sSqlQuery)
                    bCustomerIdExists = (NOT oRecordset.EOF)
               Set oRecordset = Nothing
               Call oConnection.Close():  Set oConnection = Nothing

               If NOT bCustomerIdExists Then
                    '// ERROR: Customer ID is a valid number, but could not be found in the database.
                    sDisplayMessageHTML = "The customer ID you specified could not be found."
               Else
                    '// Here is where you create the URL you want to redirect to.
                    sRedirectURL = "http://www.somewhere.com/somepage.asp?customerID=" & Server.URLEncode(sCustomerID)
                    sRedirectURL = sRedirectURL & "&emailaddress=" & Server.URLEncode(sEmailAddress)
                    sRedirectURL = sRedirectURL & "&password=" & Server.URLEncode(sPassword)

                    '// Uncomment this line if you want to redirect to the page.
                    'Call Response.Clear():  Call Response.Redirect(sRedirectURL)
                   
                    '// Debugging code to see what the URL is you'll be redirecting to.
                    Call Response.Write("<b>sRedirectURL</b> = [<u>" & Server.HTMLEncode(sRedirectURL) & "</u>]<br>" & vbNewLine)
                    Call Response.End()
               End If
          End If
     End If %>
<html>
     <head><title>jay1971a's answer</title></head>
     <body>
          <form action="<%=Request.ServerVariables("SCRIPT_NAME")%>" method="post">
          <input type="hidden" name="IsPostback" value="True">
         
          <div style="width:600px;">
<%     If (sDisplayMessageHTML <> "") Then %>
          <div style="border:1px solid black;padding:10px;margin-bottom:20px;text-align:center;font-weight:bold;color:red;"><%=sDisplayMessageHTML%></div>
<%     End If %>

          <table>
               <tr>
                    <td><b>Customer ID</b></td>
                    <td><input type="text" name="CustomerID" size="35" value="<%=Server.HTMLEncode(sCustomerID)%>"></td>
               </tr>
               <tr>
                    <td><b>Email Address</b></td>
                    <td><input type="text" name="EmailAddress" size="35" value="<%=Server.HTMLEncode(sEmailAddress)%>"></td>
               </tr>
               <tr>
                    <td><b>Password</b></td>
                    <td><input type="password" name="Password" size="35" value="<%=Server.HTMLEncode(sPassword)%>"></td>
               </tr>
               <tr><td colspan="2">&nbsp;</td></td>
               <tr>
                    <td><input type="submit" value="Submit Info"></td>
                    <td><input type="button" value="Start Over" onclick="document.location.href = document.location.href;"></td>
               </tr>
          </table>
          </div>

          </form>
     </body>
</html>
======================================================



-= DeathToSpam =-
0
 

Author Comment

by:jay1971a
ID: 17963433
That's excellent!

Precisely what I needed.

Thanks very much.

Jay.
0
 
LVL 9

Expert Comment

by:deathtospam
ID: 17965828
No problem.  :)  It's definitely a lot more code than you should be expected to write on your own as a Classic ASP novice.  But hopefully it's straightforward enough that you can understand what's there, and how it all works.  Either way, I'm glad it works for you.


-= DeathToSpam =-
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question