Solved

Record does not update after submission

Posted on 2013-01-13
4
333 Views
Last Modified: 2013-01-13
I am trying to update individual records with a standard ASP update form.  I am able to select the record I want to update on the selection page, but the update page does not update the record. When I enter/select my new information and hit submit, I am redirected to the Thank You page, but the record is not updated.

Below is the code for the update page for review. Any assistance is greatly appreciated in correcting the issue. Thank you.

<%
Dim Recordset1
Dim Recordset1_numRows

pID=Request.Querystring("ID")
pIDX=Request.Form("IDX")

Set Recordset1 = Server.CreateObject("ADODB.recordset")
Recordset1.ActiveConnection = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=c:\inetpub\wwwroot\procedures\db\proc.mdb"

Recordset1.Source = "SELECT * FROM procedures WHERE proc_title = '"&Request.Form("proc_title")&"' " & pID

Recordset1.CursorType = 0
Recordset1.CursorLocation = 2
Recordset1.LockType = 1
Recordset1.Open()
Recordset1_numRows = 0

If request("Update") = "Update" Then

Set Recordset1 = Server.CreateObject("ADODB.connection")
Recordset1.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=c:\inetpub\wwwroot\procedures\db\proc.mdb"

sql=""
If Request.Form("proc_title_new") & "" <> "" Then
  sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"
End IF
If Request.Form("proc_file_new") & "" <> "" Then
  sql=sql & ",proc_file='" & Request.Form("proc_file_new") & "'"
End IF
If Request.Form("date_effective") & "" <> "" Then
  sql=sql & ",date_effective='" & Request.Form("date_effective_new") & "'"
End IF
If Request.Form("proc_info_new") & "" <> "" Then
sql=sql & ",proc_info='" & Request.Form("proc_info_new") & "'"
End IF

sql="UPDATE procedures SET " & Mid(sql, 2, 10000) 
sql=sql & " WHERE ID = " & pIDX& "" 
'response.write sql 
rs.Execute sql
       
Response.Redirect "thankyou.htm"   

ELSE

If request("Delete") = "Delete" Then

Set Recordset1 = Server.CreateObject("ADODB.connection")
Recordset1.open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=c:\inetpub\wwwroot\procedures\db\proc.mdb"

sql="DELETE * FROM procedures"
sql=sql & " WHERE ID = " & pIDX & ""
Recordset1.Execute sql
      
Response.Redirect "thankyou.htm"   

end if
end if

%>

<html>
<head>
<title>Procedures Submission Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="styles/web.css" rel="stylesheet" type="text/css">
<link rel="shortcut icon" type="image/x-icon" href="favicon.ico">
<script language="javascript" src="scripts/datetimepicker.js"></script>
<script language="javascript" src="scripts/additional.js"></script>
</head>

<body leftmargin="0" topmargin="0" rightmargin="0">
<table border="0" cellspacing="0" cellpadding="0" width="100%">
  <tr>
    <td height="65" bgcolor="#000000"> 
      <div align="center"></div></td>
  </tr>
  <tr>
    <td><div align="center"> 
        <table width="600" border="0" cellpadding="0" cellspacing="0" class="text-large">
          <tr>
            <td><form action="thankyou.asp" method="post" name="form1">
                <table width="600" border="0" cellpadding="0" cellspacing="0" class="text-large">
                  <tr> 
                    <td>&nbsp;</td>
                  </tr>
                  <tr>
                    <td><div align="center"><strong><font color="#FF0000">MODIFICATIONS/UPDATE 
                        PAGE</font></strong></div></td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                  </tr>
                </table>
                <table width="600" border="0" cellpadding="0" cellspacing="0" class="text-large">
                  <tr> 
                    <td width="200" height="25"><font color="#000000"><strong>Current 
                      Procedures Title</strong></font></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("proc_title").Value)%></font></td>
                    <td width="10">&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><font color="#FF0000"><strong>New Title</strong></font></td>
                    <td><input name="proc_title_new" type="text" id="proc_title_new" size="55" maxlength="100"></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><strong>Current PDF/Document</strong></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("proc_file").Value)%></font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><font color="#FF0000"><strong>New File to 
                      be uploaded (PDF)</strong></font></td>
                    <td><input name="proc_file_new" type="file" id="proc_file_new" size="41"></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><strong>Current Effective Date</strong></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("date_effective").Value)%></font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><strong><font color="#FF0000">New Effective Date</font></strong></td>
                    <td><input name="date_effective_new" type="text" id="date_effective_new" value="<%=date()%>" size="10" maxlength="10" readonly="true"> 
                      <a href="javascript:NewCal('date_effective_new','mmddyyyy')"><img src="images/calnew.gif" alt="Select an end date" width="22" height="16" border="0" align="absmiddle"></a> 
                      <font color="#585858">Use calendar to change date</font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><strong>Current Procedures Info</strong></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("proc_info").Value)%></font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><font color="#000000">&nbsp;</font></td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td valign="top"><font color="#FF0000"><strong>New Information</strong></font></td>
                    <td><textarea name="proc_info_new" cols="42" rows="10" id="proc_info_new"></textarea></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="17"><font color="#000000">&nbsp;</font></td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><font color="#000000">&nbsp;</font></td>
                    <td><input name="date_sub" type="hidden" id="date_sub" value="<%=date()%>">
                      <strong> 
                      <input name="IDX" type="hidden" id="IDX" value="<%=(Recordset1.Fields.Item("ID").Value)%>">
                      </strong> </td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><font color="#000000">&nbsp;</font></td>
                    <td><input name="Update" type="submit" id="Update" value="Update">
                      &nbsp; 
                      <input name="Clear" type="reset" id="Clear" value="Clear">
                      &nbsp; 
                      <input name="Delete" type="submit" id="Delete" onClick="GP_popupConfirmMsg('YOU ARE ABOUT TO DELETE THE CURRENT RECORD. CLICK OK TO CONTINUE OR CANCEL TO ABORT.');return document.MM_returnValue" value="Delete">
                      &nbsp;
                      <input name="button" type="button" onClick="location.href='submission_new.asp';" value="Go Back"></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                </table>
              </form></td>
          </tr>
        </table>
      </div></td>
  </tr>
</table>
</body>
</html>

Open in new window

0
Comment
Question by:arendt73
  • 4
4 Comments
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 38772989
Please update this portion of your code so we can see the actual sql being submitted.

sql="UPDATE procedures SET " & Mid(sql, 2, 10000)
sql=sql & " WHERE ID = " & pIDX& ""
'response.write sql
rs.Execute sql
       
Response.Redirect "thankyou.htm"


to

sql="UPDATE procedures SET " & Mid(sql, 2, 10000)
sql=sql & " WHERE ID = " & pIDX& ""
response.write sql
rs.Execute sql
 
response.end      
'Response.Redirect "thankyou.htm"

Run the page and report back what response.write sql is.
0
 
LVL 52

Accepted Solution

by:
Scott Fell,  EE MVE earned 500 total points
ID: 38772994
This does not look right.

If Request.Form("proc_title_new") & "" <> "" Then
  sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"
End IF

and should probably be

If Request.Form("proc_title_new") <>"" Then
  sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"
End IF
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 38773007
What is the purpose of this?

Mid(sql, 2, 10000)

To me it looks like a work around for something that is not right to start with.

I see this code in your sql

 sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"

where you start out with a comma.  Just take out the comma.

What you probably want to end up with is something like

UPDATE procedures SET proc_title="whatever_reqform_proc_title_new_is" where ID="pidx_number"
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 38773026
Since you are already using dreamweaver to create most of your asp, I think it would be good for you to start with the update and insert commands dreamweaver creates.  Once that works, then hand code.  I know you said before you think dreamweaver ads extra code. But that is just chatter from the mx days.  You are already using 90% of what dreamweaver creates as it is.  The big advantage for you is the newest versions of dreamweaver are using  their parameter quires and their own flavor of stored procedures.  This helps safeguard your data input.  

http://support.microsoft.com/kb/200190

In addition you should at least start scrubbing  your input with a minimal.

x=replace(request.form("x"),"'","")

If you are not expecting html then

x=replace(request.form("x"),"'","")
x=replace(x,"<","")
x=replace(x,">","")

If you are expecting a number then
x=replace(request.form("x"),"'","")
x=replace(x,"<","")
x=replace(x,">","")
if not isnumeric(x) then
     x=0 'if not a number, use zero or Null
end if
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This article is a continuation or rather an extension from Cascading Combos (http://www.experts-exchange.com/A_5949.html) and builds on examples developed in detail there. It should be understandable alone, but I recommend reading the previous artic…
The first two articles in this short series — Using a Criteria Form to Filter Records (http://www.experts-exchange.com/A_6069.html) and Building a Custom Filter (http://www.experts-exchange.com/A_6070.html) — discuss in some detail how a form can be…
Get people started with the utilization of class modules. Class modules can be a powerful tool in Microsoft Access. They allow you to create self-contained objects that encapsulate functionality. They can easily hide the complexity of a process from…
With Microsoft Access, learn how to specify relationships between tables and set various options on the relationship. Add the tables: Create the relationship: Decide if you’re going to set referential integrity: Decide if you want cascade upda…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now