• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 641
  • Last Modified:

ASP error '80020009' Exception occurred - relates to a Replace function

Hi Experts,

I've got an issue with an ASP site that uses an access database. It's probably a simple fix but i'm not familiar with ASP/access.

The issue occurs when they try to save a specific page, it's quite large, 99% HTML with a few javascript snippets in places. It's pretty messy due to years of editing via an old WYSIWYG, I'm really hoping to avoid manually cleaning it up if possible.

The issue has only emerged recently however reverting the content by restoring a backup of the DB doesn't seem to have fixed it. Other pages on the site are quite similar and  work fine.


When the user saves the page they get:

error '80020009'

Exception occurred.
save_section.asp, line 22

The line line mentioned from save_section.asp relates to sanitising the inputs for the access DB (see below)

There isn't really anything else to the file, the other parts are just the query and the response redirect once the query completes.

Let me know if I've missed any information which would help.

W1B



 
Dim strSQLpage, rsPage
	
	
	strSQLpage = "UPDATE tablename SET pagename = '" & MakeTextDBSafe(Request.Form("textarea")) & "' WHERE idpage = " & request.form("pageid")
	
	'Set rsPage = Server.CreateObject("ADODB.recordset")

	Set rsPage = dbCon.Execute(strSQLpage)

	response.write request.form("pageid")
	
	response.redirect "cms.asp?pageid=" & request.form("pageid") & "&saved=1"
	
	
	Function MakeTextDBSafe(strInputText)

	Dim strSafeText
	
	'replace apostrophies with double apostrophies
	strSafeText = Replace(strInputText, "'", "''")      '<--LINE 22

	
	MakeTextDBSafe = Trim(strSafeText)

End Function

Open in new window

0
While1-Breathe
Asked:
While1-Breathe
4 Solutions
 
Wayne BarronAuthor, Web DeveloperCommented:
Try this instead

strInputText = request.form("Fieldname")

strInputText = Replace(strInputText, "'", "''")

Good Luck
Carrzkiss
0
 
BanthorCommented:
Null is not an empty String, If the form element does not exist request.form("textarea")  null will be sent to the function.
either add a empty string to strInputText
strInputText = strInputText & ""
or validate request.form("textarea") before building strSQLpage
 
 
 
0
 
Dhanasekaran SengodanCommented:
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
govindarajan78Commented:

1. as Banthor says append an empty string and check

2. check as karrzkiss says - it will confirm that whether the error is in the line 22 or not [some times error line number faulty]

3. the line 6 is commented; un comment it and remove the word set from line 8 and check
0
 
While1-BreatheAuthor Commented:
Thanks for the quick responses everyone, I'll try these out later this afternoon (GMT+10).
0
 
While1-BreatheAuthor Commented:
Thanks for all your answers, it turns out the issue was due to the size of the page.

Apparently there is a limit of 102,000 characters for a POST in classic ASP, the page was sneaking in at 104,000.

We've got around it by updating the code to read the form in binary format.




0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now