classic ASP query issue


I have a classic ASP page where I was trying to pull in a text string of comma separated numbers, then pull the names for each numeric value from another db table, and display the text names in a comma separated list on the webpage.

I'm in over my head with the syntax. Is this a fairly routine piece of code?

So I have session variable: session("UserTypes") that would be something like 1,3,5,7.

And I have a db table called AccessTypes that has AccessTypeID and AccessName.

How would I turn 1,2,5,7 into AccessName1, AccessName2, AccessName5, and AccessName7 and write that value to html?

Thank you

Who is Participating?
Big MontySenior Web Developer / CEO of Commented:
you're trying to compare the database field accessID (which I presume is a int value) to a string of numbers, separated by a comma...won't work :)


Usersr_cmd.CommandText = "SELECT accessname FROM accesslevels where  AccessID = "& Session("UserTypes") &" ORDER BY accessname Asc"


Usersr_cmd.CommandText = "SELECT accessname FROM accesslevels where  AccessID in ("& Session("UserTypes") &") ORDER BY accessname Asc"
billium99Author Commented:
BTW - the connection is handled with this string:

recordset.ActiveConnection = MM_mande_STRING
Big MontySenior Web Developer / CEO of Commented:
you would need to put the comma separated values into an array:

session("UserTypes") = 1,3,5,7

'-- split the values into an array
if Session("userTypes") <> "" then
    arrUserTypes = Split( Session("userTypes"), "," )

    '-- now loop through the array and save to the database
    for each userType in arrUserTypes
        '-- always good to do one final check if the value is blank or not
        if userType <> "" then
             sql = "insert into tblUserTypes ( userType ), values( " & CInt( userType ) & " )"
             conn.Execute( sql )
        end if

end if

Open in new window

of course, you're better off doing a parameterized query, I did it this way for the sake of demonstration. There's no check on the actual value (if it's an int data type or not), but you should get the basic idea.
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Surendra NathTechnology LeadCommented:
This is what I would do

in the VBSCRIPT, replacing the comma with what ever you want including the comma at the start of it, will solve the issue...

the skeleton of the code is shown below, please convert it into the appropriate VB script syntax

1) declare a variable let us say Temp
2) Temp = "AccessName" + replace(temp,",",",AccessName")
Big MontySenior Web Developer / CEO of Commented:
my apologies, I misread it as you wanted to save to the database, not read from it...

either way, the approach I gave should work, but let me ask you, are you trying to build some sql where it says

where AccessTypeID = 1 or AccessTypeID = 2 etc?

if so, why not just do

"where AccessTypeID in ( " & Session("UserTypes") & " ) "
Brian CroweDatabase AdministratorCommented:
If you're looking for a TSQL solution that you can use as a stored procedure...

SET @UserTypes = '1, 2, 3, 7'

            SELECT ',' + T.Name
            FROM dbo.SplitText(@UserTypes, ',') AS UT
            INNER JOIN SomeTable AS T
                  ON UT.Value = T.EntitlementTypeID
            FOR XML PATH('')
      ), 1, 1, '')

Note: This assumes you have or can create a table-valued split function
billium99Author Commented:
Thanks All,

Hmm so yes I'm reading from a database table and extrapolating actual text names for a comma delimited list of IDs. I'm hoping to display the text names is a similarly delimited list. This is the logged in user's session value for UserTypes. Here is the code I have attempted:

				Set Usersr_cmd = Server.CreateObject ("ADODB.Command")
				Usersr_cmd.ActiveConnection = MM_mande_STRING
				Usersr_cmd.CommandText = "SELECT accessname FROM accesslevels where  AccessID = "& Session("UserTypes") &" ORDER BY accessname Asc" 
				Usersr_cmd.Prepared = true
				Set Usersr = Usersr_cmd.Execute
				accessname = ""
				if not Usersr.eof then
					do while not Usersr.eof
					accessname = accessname & Usersr("accessname") & ","
					accessname = ""	
				end if
				Set Usersr = nothing
				Response.Write left(accessname,len(accessname)-1)

Open in new window

Now I'm getting a syntax error but I'm also not sure if I have this looping thing working as it would need to be...anyway, I'm getting:

Microsoft OLE DB Provider for SQL Server error '80040e14'

Incorrect syntax near ','.

/index.asp, line 702

Thanks for the time. Any ideas here?

billium99Author Commented:
Boom! That did it. You were right, Big Monty. Different data types...

Thanks for all the suggestions!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.