IE Send Page lost posted values

am 12.12.2006 22:25:01 von gauchopuntano

I have a form where the user select some criteria to list records. It is
common html form posted over an asp page in a new window.
The page work correctly and show the records filtered acording selected
criteria but When the user (in internet explorer or Mozilla) send this page
by email, the browser send a complete list of records whitout any filter
criteria.

any suggestions ?

best regards

Re: IE Send Page lost posted values

am 13.12.2006 15:22:05 von Kevin Hayes

need to see code of page.

"gauchopuntano" wrote in message
news:2410B73C-C548-44A5-B630-ED4F99478D3C@microsoft.com...
>I have a form where the user select some criteria to list records. It is
> common html form posted over an asp page in a new window.
> The page work correctly and show the records filtered acording selected
> criteria but When the user (in internet explorer or Mozilla) send this
> page
> by email, the browser send a complete list of records whitout any filter
> criteria.
>
> any suggestions ?
>
> best regards
>
>

Re: IE Send Page lost posted values

am 13.12.2006 16:56:01 von gauchopuntano

Slim, thanls for yor response.
here is the code::

<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>

<%

set conn = AbreConexion()
strSql = "Select * FROM woviewItemReport "
strWhere = ""
deptID = cInt(Request("cbDept"))
if deptID > 0 then
if len(strWhere) = 0 then
strWhere = strWhere & " deptID = " & deptID
else
strWhere = strWhere & " AND deptID = " & deptID
end if
end if

dateFrom = Request("tbRequestedDateFrom")
dateTo = Request("tbRequestedDateTo")
if len(dateFrom) > 0 then
if len(strWhere) = 0 then
strWhere = strWhere & " RequestedDate >= '" & dateFrom & "' AND
RequestedDate <= '" & dateto & "' "
else
strWhere = strWhere & " AND RequestedDate >= '" & dateFrom & "' AND
RequestedDate <= '" & dateto & "' "
end if
end if

CompBy = Request("cbCompletedBy")
if CompBy > 0 then
if len(strWhere) = 0 then
strWhere = strWhere & " CompletedBy = " & CompBy & " "
else
strWhere = strWhere & " AND CompletedBy = " & CompBy & " "
end if
end if

nItem = Request("cbItem")
if nItem > 0 then
if len(strWhere) = 0 then
strWhere = strWhere & " ItemId = " & nItem & " "
else
strWhere = strWhere & " AND ItemId = " & nItem & " "
end if
end if

if len(strWhere) > 0 then
strSql = strSql & " WHERE " & strWhere
end if
StrSql = strSql & " ORDER By ItemName"

set rs = OpenRecordset(conn, strSql, 1, 3)
if (not rs.bof and not rs.eof) then %>

<% if request("cbFormat") = "HTML" then %>

<% end if %>

<%
numberTotal = 0
do while not rs.eof
auxItem = rs("ItemName")
numberItem = 0 %>

<%
do while auxItem = rs("ItemName") and not rs.eof %>

<%
numberItem = numberItem + rs("number")
rs.movenext
if rs.eof then exit do
loop %>

<%
numberTotal = numberTotal + numberItem
if rs.eof then exit do
loop %>

<% if request("cbFormat") = "HTML" then %>

<% end if %>

href="JavaScript:PrintDocument()"> Print

width="16" height="16" hspace="2" border="0" /> href="JavaScript:CloseWindow();"> go back

width="16" height="16" hspace="2" border="0" /> href="JavaScript:window.self.close();return true;">

cellpadding="3">

alt="MPA" width="94" height="88" />

MPS

Work Order Manager

Date Printed: <%= now %>

Item

Quantity

Activity

Order#

Neighborhood

Location

Facility

Date Requested

Date Completed

Assigned To

Department

<%= auxItem %>

<%=rs("number") %>

<%=rs("Activity") %>

<%=rs("OrderId") %>

<%=rs("Neigborhood") %>

<%=rs("Address") & " " & rs("City") %>

<%=rs("FacilityType") %>

<%= FormatoFecha(rs("RequestedDate"))
%>

<%= FormatoFecha(rs("CompletedDate"))
%>

<%= rs("Assigned") %>

<%= rs("DeptName") %>

<%= auxItem %>
Total:

<%= numberItem %>

align="right">Report Total:

<%=numberTotal %>

width="75%">

<% if len(strWhere) > 0 then
'StrSqlItem = "Select Activity, Count(ActivityId) as Total FROM
viewwoItemsForOrder WHERE " & strWhere & " GROUP By Activity ORDER By
Count(ActivityId) DESC"
StrSqlItem = "Select Activity, Sum(number) as Total FROM
woviewItemReport WHERE " & strWhere & " GROUP By Activity ORDER By
Count(ActivityId) DESC"
else
StrSqlItem = "Select Activity, Sum(number) as Total FROM
woviewItemReport GROUP By Activity ORDER By Count(ActivityId) DESC"
'StrSqlItem = "Select Activity, Count(ActivityId) as Total FROM
viewwoItemsForOrder GROUP By Activity ORDER By Count(ActivityId) DESC"
end if
EnviarComentario("StrSqlItem:" & StrSqlItem)
set rsItem = openRecordSet(conn, strSqlItem, adOpenDynamic,
adOpenReadOnly)
do while not rsItem.Eof
%>

<%
rsItem.moveNext
loop
rsItem.close
set rsItem = nothing
%>

Activity	Total
<%= rsItem("Activity") %>	<%= rsItem("Total") %>

href="JavaScript:PrintDocument()"> Print

width="16" height="16" hspace="2" border="0" /> href="JavaScript:CloseWindow();"> go back

width="16" height="16" hspace="2" border="0" /> href="JavaScript:window.self.close();return true;">

<% end if
rs.close
set rs = nothing
set rsItem = nothing
conn.close
set conn = nothing %>

"Slim" wrote:

> need to see code of page.
>
>
> "gauchopuntano" wrote in message
> news:2410B73C-C548-44A5-B630-ED4F99478D3C@microsoft.com...
> >I have a form where the user select some criteria to list records. It is
> > common html form posted over an asp page in a new window.
> > The page work correctly and show the records filtered acording selected
> > criteria but When the user (in internet explorer or Mozilla) send this
> > page
> > by email, the browser send a complete list of records whitout any filter
> > criteria.
> >
> > any suggestions ?
> >
> > best regards
> >
> >
>
>
>

Re: IE Send Page lost posted values

am 16.12.2006 04:49:01 von Kevin Hayes

If I understand you correctly, the email contains all rows from the
database?

this is just a guess
I would suggest that when you send page by email, the page is loaded for
email without any parameters eg:; Request("cbDept") is blank.

try setting the form to GET and not POST and see it that works. if not you
may have to send the email via asp.

if you don't know how to do that give us a yell

Also your code is open to SQL injection

"gauchopuntano" wrote in message
news:854538FD-709D-41E3-8F33-0ADF5AE2DDB1@microsoft.com...
> Slim, thanls for yor response.
> here is the code::
>
> <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
>
>
>
>
>
> <%
>
> set conn = AbreConexion()
> strSql = "Select * FROM woviewItemReport "
> strWhere = ""
> deptID = cInt(Request("cbDept"))
> if deptID > 0 then
> if len(strWhere) = 0 then
> strWhere = strWhere & " deptID = " & deptID
> else
> strWhere = strWhere & " AND deptID = " & deptID
> end if
> end if
>
> dateFrom = Request("tbRequestedDateFrom")
> dateTo = Request("tbRequestedDateTo")
> if len(dateFrom) > 0 then
> if len(strWhere) = 0 then
> strWhere = strWhere & " RequestedDate >= '" & dateFrom & "' AND
> RequestedDate <= '" & dateto & "' "
> else
> strWhere = strWhere & " AND RequestedDate >= '" & dateFrom & "' AND
> RequestedDate <= '" & dateto & "' "
> end if
> end if
>
> CompBy = Request("cbCompletedBy")
> if CompBy > 0 then
> if len(strWhere) = 0 then
> strWhere = strWhere & " CompletedBy = " & CompBy & " "
> else
> strWhere = strWhere & " AND CompletedBy = " & CompBy & " "
> end if
> end if
>
> nItem = Request("cbItem")
> if nItem > 0 then
> if len(strWhere) = 0 then
> strWhere = strWhere & " ItemId = " & nItem & " "
> else
> strWhere = strWhere & " AND ItemId = " & nItem & " "
> end if
> end if
>
> if len(strWhere) > 0 then
> strSql = strSql & " WHERE " & strWhere
> end if
> StrSql = strSql & " ORDER By ItemName"
>
> set rs = OpenRecordset(conn, strSql, 1, 3)
> if (not rs.bof and not rs.eof) then %>
>

> <% if request("cbFormat") = "HTML" then %>
>
>
> <% end if %>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> <%
> numberTotal = 0
> do while not rs.eof
> auxItem = rs("ItemName")
> numberItem = 0 %>
>
>
>
> <%
> do while auxItem = rs("ItemName") and not rs.eof %>
>
>
>
>
>
>
>
>
>
>
>
> <%
> numberItem = numberItem + rs("number")
> rs.movenext
> if rs.eof then exit do
> loop %>
>
>
>
> <%
> numberTotal = numberTotal + numberItem
> if rs.eof then exit do
> loop %>
>
>
>
>
>
> <% if request("cbFormat") = "HTML" then %>
>
>
> <% end if %>

> href="JavaScript:PrintDocument()">

> alt="Print"
> width="16" height="16" hspace="2" border="0" /> > href="JavaScript:CloseWindow();"> go <br />
> back

> width="16" height="16" hspace="2" border="0" /> > href="JavaScript:window.self.close();return true;">

> cellpadding="3">
>
>
>
>
>

> alt="MPA" width="94" height="88" />

MPS

Work Order Manager

Date Printed: <%= now %>

Item

Quantity

Activity

Order#

Neighborhood

Location

Facility

Date Requested

Date Completed

Assigned To

Department

<%= auxItem %>

<%=rs("number") %>

<%=rs("Activity") %>

<%=rs("OrderId") %>

<%=rs("Neigborhood") %>

<%=rs("Address") & " " & rs("City") %>
>

<%=rs("FacilityType") %>

<%= FormatoFecha(rs("RequestedDate"))
> %>

<%= FormatoFecha(rs("CompletedDate"))
> %>

<%= rs("Assigned") %>

<%= rs("DeptName") %>

<%= auxItem %>
> Total:

<%= numberItem %>

> align="right">Report Total:

<%=numberTotal %>

> width="75%">
>
>
>
>
> <% if len(strWhere) > 0 then
> 'StrSqlItem = "Select Activity, Count(ActivityId) as Total FROM
> viewwoItemsForOrder WHERE " & strWhere & " GROUP By Activity ORDER By
> Count(ActivityId) DESC"
> StrSqlItem = "Select Activity, Sum(number) as Total FROM
> woviewItemReport WHERE " & strWhere & " GROUP By Activity ORDER By
> Count(ActivityId) DESC"
> else
> StrSqlItem = "Select Activity, Sum(number) as Total FROM
> woviewItemReport GROUP By Activity ORDER By Count(ActivityId) DESC"
> 'StrSqlItem = "Select Activity, Count(ActivityId) as Total FROM
> viewwoItemsForOrder GROUP By Activity ORDER By Count(ActivityId) DESC"
> end if
> EnviarComentario("StrSqlItem:" & StrSqlItem)
> set rsItem = openRecordSet(conn, strSqlItem, adOpenDynamic,
> adOpenReadOnly)
> do while not rsItem.Eof
> %>
>
>
>
>
> <%
> rsItem.moveNext
> loop
> rsItem.close
> set rsItem = nothing
> %>
>

Activity	Total
<%= rsItem("Activity") %>	<%= rsItem("Total") %>

> href="JavaScript:PrintDocument()">

> alt="Print"
> width="16" height="16" hspace="2" border="0" /> > href="JavaScript:CloseWindow();"> go <br />
> back

> width="16" height="16" hspace="2" border="0" /> > href="JavaScript:window.self.close();return true;">

>
>
> <% end if
> rs.close
> set rs = nothing
> set rsItem = nothing
> conn.close
> set conn = nothing %>
>
>
>
>
>
>
>
> "Slim" wrote:
>
>> need to see code of page.
>>
>>
>> "gauchopuntano" wrote in
>> message
>> news:2410B73C-C548-44A5-B630-ED4F99478D3C@microsoft.com...
>> >I have a form where the user select some criteria to list records. It is
>> > common html form posted over an asp page in a new window.
>> > The page work correctly and show the records filtered acording selected
>> > criteria but When the user (in internet explorer or Mozilla) send this
>> > page
>> > by email, the browser send a complete list of records whitout any
>> > filter
>> > criteria.
>> >
>> > any suggestions ?
>> >
>> > best regards
>> >
>> >
>>
>>
>>