Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Record does not update after submission

Posted on 2013-01-13
4
Medium Priority
?
342 Views
Last Modified: 2013-01-13
I am trying to update individual records with a standard ASP update form.  I am able to select the record I want to update on the selection page, but the update page does not update the record. When I enter/select my new information and hit submit, I am redirected to the Thank You page, but the record is not updated.

Below is the code for the update page for review. Any assistance is greatly appreciated in correcting the issue. Thank you.

<%
Dim Recordset1
Dim Recordset1_numRows

pID=Request.Querystring("ID")
pIDX=Request.Form("IDX")

Set Recordset1 = Server.CreateObject("ADODB.recordset")
Recordset1.ActiveConnection = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=c:\inetpub\wwwroot\procedures\db\proc.mdb"

Recordset1.Source = "SELECT * FROM procedures WHERE proc_title = '"&Request.Form("proc_title")&"' " & pID

Recordset1.CursorType = 0
Recordset1.CursorLocation = 2
Recordset1.LockType = 1
Recordset1.Open()
Recordset1_numRows = 0

If request("Update") = "Update" Then

Set Recordset1 = Server.CreateObject("ADODB.connection")
Recordset1.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=c:\inetpub\wwwroot\procedures\db\proc.mdb"

sql=""
If Request.Form("proc_title_new") & "" <> "" Then
  sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"
End IF
If Request.Form("proc_file_new") & "" <> "" Then
  sql=sql & ",proc_file='" & Request.Form("proc_file_new") & "'"
End IF
If Request.Form("date_effective") & "" <> "" Then
  sql=sql & ",date_effective='" & Request.Form("date_effective_new") & "'"
End IF
If Request.Form("proc_info_new") & "" <> "" Then
sql=sql & ",proc_info='" & Request.Form("proc_info_new") & "'"
End IF

sql="UPDATE procedures SET " & Mid(sql, 2, 10000) 
sql=sql & " WHERE ID = " & pIDX& "" 
'response.write sql 
rs.Execute sql
       
Response.Redirect "thankyou.htm"   

ELSE

If request("Delete") = "Delete" Then

Set Recordset1 = Server.CreateObject("ADODB.connection")
Recordset1.open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=c:\inetpub\wwwroot\procedures\db\proc.mdb"

sql="DELETE * FROM procedures"
sql=sql & " WHERE ID = " & pIDX & ""
Recordset1.Execute sql
      
Response.Redirect "thankyou.htm"   

end if
end if

%>

<html>
<head>
<title>Procedures Submission Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="styles/web.css" rel="stylesheet" type="text/css">
<link rel="shortcut icon" type="image/x-icon" href="favicon.ico">
<script language="javascript" src="scripts/datetimepicker.js"></script>
<script language="javascript" src="scripts/additional.js"></script>
</head>

<body leftmargin="0" topmargin="0" rightmargin="0">
<table border="0" cellspacing="0" cellpadding="0" width="100%">
  <tr>
    <td height="65" bgcolor="#000000"> 
      <div align="center"></div></td>
  </tr>
  <tr>
    <td><div align="center"> 
        <table width="600" border="0" cellpadding="0" cellspacing="0" class="text-large">
          <tr>
            <td><form action="thankyou.asp" method="post" name="form1">
                <table width="600" border="0" cellpadding="0" cellspacing="0" class="text-large">
                  <tr> 
                    <td>&nbsp;</td>
                  </tr>
                  <tr>
                    <td><div align="center"><strong><font color="#FF0000">MODIFICATIONS/UPDATE 
                        PAGE</font></strong></div></td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                  </tr>
                </table>
                <table width="600" border="0" cellpadding="0" cellspacing="0" class="text-large">
                  <tr> 
                    <td width="200" height="25"><font color="#000000"><strong>Current 
                      Procedures Title</strong></font></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("proc_title").Value)%></font></td>
                    <td width="10">&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><font color="#FF0000"><strong>New Title</strong></font></td>
                    <td><input name="proc_title_new" type="text" id="proc_title_new" size="55" maxlength="100"></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><strong>Current PDF/Document</strong></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("proc_file").Value)%></font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><font color="#FF0000"><strong>New File to 
                      be uploaded (PDF)</strong></font></td>
                    <td><input name="proc_file_new" type="file" id="proc_file_new" size="41"></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="25"><strong>Current Effective Date</strong></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("date_effective").Value)%></font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><strong><font color="#FF0000">New Effective Date</font></strong></td>
                    <td><input name="date_effective_new" type="text" id="date_effective_new" value="<%=date()%>" size="10" maxlength="10" readonly="true"> 
                      <a href="javascript:NewCal('date_effective_new','mmddyyyy')"><img src="images/calnew.gif" alt="Select an end date" width="22" height="16" border="0" align="absmiddle"></a> 
                      <font color="#585858">Use calendar to change date</font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><strong>Current Procedures Info</strong></td>
                    <td><font color="#000000"><%=(Recordset1.Fields.Item("proc_info").Value)%></font></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><font color="#000000">&nbsp;</font></td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td valign="top"><font color="#FF0000"><strong>New Information</strong></font></td>
                    <td><textarea name="proc_info_new" cols="42" rows="10" id="proc_info_new"></textarea></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td height="17"><font color="#000000">&nbsp;</font></td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><font color="#000000">&nbsp;</font></td>
                    <td><input name="date_sub" type="hidden" id="date_sub" value="<%=date()%>">
                      <strong> 
                      <input name="IDX" type="hidden" id="IDX" value="<%=(Recordset1.Fields.Item("ID").Value)%>">
                      </strong> </td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td><font color="#000000">&nbsp;</font></td>
                    <td><input name="Update" type="submit" id="Update" value="Update">
                      &nbsp; 
                      <input name="Clear" type="reset" id="Clear" value="Clear">
                      &nbsp; 
                      <input name="Delete" type="submit" id="Delete" onClick="GP_popupConfirmMsg('YOU ARE ABOUT TO DELETE THE CURRENT RECORD. CLICK OK TO CONTINUE OR CANCEL TO ABORT.');return document.MM_returnValue" value="Delete">
                      &nbsp;
                      <input name="button" type="button" onClick="location.href='submission_new.asp';" value="Go Back"></td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                  <tr> 
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                    <td>&nbsp;</td>
                  </tr>
                </table>
              </form></td>
          </tr>
        </table>
      </div></td>
  </tr>
</table>
</body>
</html>

Open in new window

0
Comment
Question by:arendt73
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
4 Comments
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 38772989
Please update this portion of your code so we can see the actual sql being submitted.

sql="UPDATE procedures SET " & Mid(sql, 2, 10000)
sql=sql & " WHERE ID = " & pIDX& "" 
'response.write sql
rs.Execute sql
       
Response.Redirect "thankyou.htm"


to

sql="UPDATE procedures SET " & Mid(sql, 2, 10000)
sql=sql & " WHERE ID = " & pIDX& "" 
response.write sql
rs.Execute sql
 
response.end      
'Response.Redirect "thankyou.htm"

Run the page and report back what response.write sql is.
0
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 2000 total points
ID: 38772994
This does not look right.

If Request.Form("proc_title_new") & "" <> "" Then
  sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"
End IF

and should probably be

If Request.Form("proc_title_new") <>"" Then
  sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"
End IF
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 38773007
What is the purpose of this?

Mid(sql, 2, 10000)

To me it looks like a work around for something that is not right to start with.

I see this code in your sql

 sql=sql & ",proc_title='" & Request.Form("proc_title_new") & "'"

where you start out with a comma.  Just take out the comma.

What you probably want to end up with is something like

UPDATE procedures SET proc_title="whatever_reqform_proc_title_new_is" where ID="pidx_number"
0
 
LVL 53

Expert Comment

by:Scott Fell, EE MVE
ID: 38773026
Since you are already using dreamweaver to create most of your asp, I think it would be good for you to start with the update and insert commands dreamweaver creates.  Once that works, then hand code.  I know you said before you think dreamweaver ads extra code. But that is just chatter from the mx days.  You are already using 90% of what dreamweaver creates as it is.  The big advantage for you is the newest versions of dreamweaver are using  their parameter quires and their own flavor of stored procedures.  This helps safeguard your data input.  

http://support.microsoft.com/kb/200190

In addition you should at least start scrubbing  your input with a minimal.

x=replace(request.form("x"),"'","")

If you are not expecting html then

x=replace(request.form("x"),"'","")
x=replace(x,"<","")
x=replace(x,">","")

If you are expecting a number then
x=replace(request.form("x"),"'","")
x=replace(x,"<","")
x=replace(x,">","")
if not isnumeric(x) then
     x=0 'if not a number, use zero or Null
end if
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Access custom database properties are useful for storing miscellaneous bits of information in a format that persists through database closing and reopening.  This article shows how to create and use them.
Code that checks the QuickBooks schema table for non-updateable fields and then disables those controls on a form so users don't try to update them.
Using Microsoft Access, learn some simple rules for how to construct tables in a relational database. Split up all multi-value fields into single values: Split up fields that belong to other things into separate tables: Make sure that all record…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question