SQL Syntax - Insert multiple records and all fields with one submission - Classic ASP

Hi Experts,
I would like to insert all fields from my Form page. Right now I can submit only DeviceName and DestQueueId.
I would also like to submit the OU and SubOU fields but I don't know how to do it.
Please take a look at my Form and Process.asp pages
I would appreciate your help.

<html>
<head>
<title></title>
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
function checkLikeMe($) {
    var x = document.getElementsByName('DeviceName');
    for (var y = 0; y < x.length; y++)
        x[y].checked = $;
}

// End -->
</script>
</head>
<body>
<form name="contact_form" method="post" action="Process.asp">
<table border="1">
<tr>
<th><input type="checkbox" onClick="checkLikeMe(this.checked)"></th>
<th>Device Name</th>
<th>OU</th>
<th>SubOU</th>
</tr>
<%
rs.AbsolutePage = intPage
For intRecord = 1 To rs.PageSize
%>
<tr>
<td><input type="checkbox" name="DeviceName" value="<%=rs("DeviceName") %>"></td>
<td><%=rs("DeviceName")%></td>
<td><%=rs("OU")%></td>
<td><%=rs("SubOU")%></td>
</tr>
<%
rs.MoveNext
If rs.EOF Then Exit For
Next
rs.Close
set rs = Nothing
AdoCon.Close
set AdoCon = nothing
%>
</table>
<br />
<select name="DestQueueId">
<option value="5">Dev</option>
<option value="4">Stage</option>
</select>
<input type="Submit" name="Submit" value="Submit" />
</form>

</body>
</html>

Open in new window

     
And this is the code of the Process.asp
<!-- #include virtual="/RouteMapper/Connections/APSConn.asp" -->
<%
for index = 1 to Request.Form("DeviceName").Count
   strDeviceName = Request.Form("DeviceName")(index)
   strDestQueueId = Request.Form("DestQueueId")

   'create SQL string for inserting data into database
   strSQL = "INSERT INTO TestTable (DeviceName, OU, SubOU, DestQueueId) VALUES ('"& strDeviceName &"','"& strOU &"','"& strSubOU &"','"& strDestQueueId &"')"

   'now add data with Execute() method
   AdoCon.Execute(strSql)
next

'close Connection object
AdoCon.Close
Set AdoCon = Nothing

'Redirect to the completed.asp page
Response.Redirect "Default.asp"
%>

Open in new window

romsomIT DeveloperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ryan ChongCommented:
>> I would also like to submit the OU and SubOU fields but I don't know how to do it.

most likely you can create hidden fields for these 2 values so that when the page is posted, you can get its posted values.
0
Jan LouwerensSoftware EngineerCommented:
On your form, you're setting the checkbox value to only the DeviceName string. What you need is a way to combine all of the DeviceName, OU, and SubOU values into a single value. You could combine them, using a comma to separate them.

<input type="checkbox" name="csvValues" value="<%=rs("DeviceName") & "," & rs("OU") & "," & rs("SubOU") %>">

Open in new window


Then when you harvest the value, you can split it back up into is separate parts:

strDestQueueId = Request.Form("DestQueueId")

for index = 1 to Request.Form("csvValues").Count
   strCsvValues = Request.Form("csvValues")(index)

   arrayValues = Split(strCsvValues, ",")
   strDeviceName = arrayValues(0)
   strOU = arrayValues(1)
   strSubOU = arrayValues(2)

   'create SQL string for inserting data into database
   strSQL = "INSERT INTO TestTable (DeviceName, OU, SubOU, DestQueueId) VALUES ('"& strDeviceName &"','"& strOU &"','"& strSubOU &"','"& strDestQueueId &"')"

   'now add data with Execute() method
   AdoCon.Execute(strSql)
next

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jan LouwerensSoftware EngineerCommented:
You also might want to spend some time looking into "SQL Injection" attacks.

Here's a start: https://www.w3schools.com/sql/sql_injection.asp
1
romsomIT DeveloperAuthor Commented:
Thank you so much, I've learned a lot.
0
romsomIT DeveloperAuthor Commented:
Thank you for the link, useful stuff.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.