ADODB.Recordset (0x800A0E78)
am 13.04.2006 12:48:48 von unknown
strODBC = "DSN=mysql_dsn; UID=root; PWD=;"
nama = request.form("dNa")
syarikat = request.form("dSy")
alamat1 = request.form("dA1")
alamat2 = request.form("dA2")
zip = request.form("dZip")
negeri = request.form("dNe")
negara = request.form("dNeg")
telefonP = request.form("dTP")
telefonB = request.form("dTB")
fax = request.form("dF")
emel = request.form("dE")
id = request.form("dNId")
katalaluan1 = request.form("dKat1")
sta = request.form("status")
soalan = request.form("dSoa")
jawapan = request.form("dJa")
strSQL ="INSERT INTO pendaftaran (dNa,dSy,dA1,dA2,dZip,dNe,dNeg,dTP,dTB,dF,dE,dNId,dKat1,stat us,dSoa,dJa) VALUES ('" + nama + "', '" + syarikat + "', '" + alamat1 + "', '" + alamat2 + "', '" + zip + "', '" + negeri + "', '" + negara + "', '" + telefonP + "', '" + telefonB + "', '" + fax + "', '" + emel + "', '" + id + "', '" + katalaluan1 + "', '" + sta + "', '" + soalan + "', '" + jawapan + "');"
set dbs = Server.CreateObject("ADODB.Connection")
dbs.Open strODBC
set rst = dbs.Execute(strSQL)
if rst.eof then
response.redirect("Pendaftaran.asp")
else
response.redirect("MainPage.asp")
end if
Re: ADODB.Recordset (0x800A0E78)
am 13.04.2006 14:36:34 von reb01501
Kokseng wrote:
> strODBC = "DSN=mysql_dsn; UID=root; PWD=
>
>
>
> strSQL ="INSERT INTO pendaftaran
> (dNa,dSy,dA1,dA2,dZip,dNe,dNeg,dTP,dTB,dF,dE,dNId,dKat1,stat us,dSoa,dJa)
> VALUES ('" + nama + "', '" + syarikat + "', '" + alamat1 + "', '" +
> alamat2 + "', '" + zip + "', '" + negeri + "', '" + negara + "', '" +
> telefonP + "', '" + telefonB + "', '" + fax + "', '" + emel + "', '"
> + id + "', '" + katalaluan1 + "', '" + sta + "', '" + soalan + "', '"
> + jawapan + "');"
>
What was the text of your error message?
Start your debugging efforts by adding:
Response.Write strSQL
Response.End
Run the page and look at the resulting sql statement in the browser window.
Make sure it is a statement that can execute with no errors in mysql's
native query execution tool. Of course, you shouldd comment out these two
lines after you finish debugging.
> set dbs = Server.CreateObject("ADODB.Connection")
> dbs.Open strODBC
>
> set rst = dbs.Execute(strSQL)
Do not use a recordset to execute a query that does not return records. in
fact, tell ADO not to bother constructing an expensive recordset object:
dbs.Execute strSQL,,129
The 129 is a combination of 1 (adCmdText) and 128 (adExecuteNoRecords). If
you have a metadata tag referencing the ADO type library, or you have
included adovbs.inc in your page, you can use:
dbs.Execute strSQL,, adCmdText + adExecuteNoRecords
> if rst.eof then
Your query does not return records, so you do not have a recordset object
whose eof property can be checked. This is the probable source of your
error. Do this instead:
dim recsAffected
recs=0
dbs.Execute strSQL,recsAffected,129
if recsAffected >0 then
> response.redirect("MainPage.asp")
> else
> response.redirect("Pendaftaran.asp")
> end if
Bob Barrows
PS. Your use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/microsoft.public.inetser ver.asp.db/msg/72e36562fee7804e
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.