Form update inside loop

on 25.01.2008 12:06:13 by davidgordon

I have an asp update page which I cannot fathom.

Basically I have an asp page which displays a recordset of items on an
order.
I have a link on the same page which takes the user to an edit page
for the same data, i.e. data in text boxes etc.

First, I created an update loop to save any changes to any of the text
boxes in any row for all records. There are 2 text boxes for each
record, order qty (P_metal_qty) and outstanding order qty
(P_metal_Open).
Each field on the edit page is coded like: value=" & RS("P_metal_qty") & ">

On the next update page, after hitting submit.....


If Request.Form("ID").Count > 0 then

    For i = 1 to Request.Form("ID").Count

        uSQL = "UPDATE phoenix_orderlines SET "
        uSQL = uSQL & " P_metal_qty = '" & request.form("mqty_" & Request.Form("ID")(i)) & "'"
        uSQL = uSQL & ", P_metal_Open ='" & request.form("mopen_" & Request.Form("ID")(i)) & "'"
        uSQL = uSQL & " WHERE Phoenix_orderline_ID= '" & Request.Form("ID")(i) & "';"
        Set RS = adoDataConn.Execute(uSQL)
    Next

End If



This code works fine.
I then needed to add an additional two text boxes to each row just for
entering data against each record (Qty Delivered & Delivery Note #),
but which would be updated to different tables, and not display in
these text boxes in edit mode. They are just for entering the data,
and it gets saved elsewhere.

The Problem
When I try to use the ID from the above code whilst still in the
loop, it throws me all the IDs of all the records displayed, not the
one in the current loop, i.e. if I response.write Request.Form("ID")(i)
I get 188185184186187 printed, so from that I do not understand
how the above code works??
I thought only a single ID would be used during each cycle of the
loop.

Appreciate any help you can offer, thanks

David

Re: Form update inside loop

on 25.01.2008 23:20:46 by Anthony Jones

"David" wrote in message
news:17925099-2db6-4d7a-8d13-ec3b16093ee4@v29g2000hsf.googlegroups.com...
> I have an asp update page which I cannot fathom.
>
> Basically I have an asp page which displays a recordset of items on an
> order
> I have a link on the same page which takes the user to an edit page
> for the same data, i.e. data in text boxes etc.
>
> First, I created an update loop to save any changes to any of the text
> boxes in any row for all records. There are 2 text boxes for each
> record, order qty (P_metal_qty) and outstanding order qty
> (P_metal_Open)
> Each field on the edit page is coded like: > value=" & RS("P_metal_qty") & ">
>
> On the next update page, after hitting submit.....
>
>
> If Request.Form("ID").Count > 0 then
>
>     For i = 1 to Request.Form("ID").Count
>
>         uSQL = "UPDATE phoenix_orderlines SET "
>         uSQL = uSQL & " P_metal_qty = '" & request.form("mqty_" & Request.Form("ID")(i)) & "'"
>         uSQL = uSQL & ", P_metal_Open ='" & request.form("mopen_" & Request.Form("ID")(i)) & "'"
>         uSQL = uSQL & " WHERE Phoenix_orderline_ID= '" & Request.Form("ID")(i) & "';"
>         Set RS = adoDataConn.Execute(uSQL)
>     Next
>
> End If
>
>
>
> This code works fine.
> I then needed to add an additional two text boxes to each row just for
> entering data against each record (Qty Delivered & Delivery Note #),
> but which would be updated to different tables, and not display in
> these text boxes in edit mode. They are just for entering the data,
> and it gets saved elsewhere.
>
> The Problem
> When I try to use the ID from the above code whilst still in the
> loop, it throws me all the IDs of all the records displayed, not the
> one in the current loop, i.e. if I response.write Request.Form("ID")(i)
> I get 188185184186187 printed, so from that I do not understand
> how the above code works??
> I thought only a single ID would be used during each cycle of the
> loop.
>


Well, you've shown us code that does what you expect but not the actual code
that has you scratching your head. E.g., if you have simply placed
Response.Write Request.Form("ID")(i) inside your loop then it's going to send
each string one after the other, so I'd expect the result you indicated.

However, you do have a serious problem. Search the web for "SQL Injection".
Basically, given that form I could formulate a value for one of the text boxes
(e.g., 0'; DELETE phoenix_orderlines; --) that would do some nasty things to
your DB.

Also, since you look up the ID fields by ordinal number, why not mqty and mopen?



--
Anthony Jones - MVP ASP/ASP.NET
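
An added example, not part of either post: one way to run the same per-row update with ADO command parameters instead of string concatenation, so a text-box value such as the one Anthony quotes is rejected or bound as data rather than parsed as SQL. It assumes adoDataConn is the open ADODB.Connection from the original page and that all three columns are integers; ParseInt is a hypothetical helper.

```vbscript
' Added example, not the original poster's code.
' Assumes adoDataConn is an open ADODB.Connection and the three columns are integers.
Const adInteger = 3, adParamInput = 1, adCmdText = 1, adExecuteNoRecords = 128

' Accept only plain digit strings short enough for a Long.
' IsNumeric is looser (it also accepts hex, exponent and currency forms).
Function ParseInt(ByVal s, ByRef n)
    Dim k
    ParseInt = False
    s = Trim(s)
    If Len(s) = 0 Or Len(s) > 9 Then Exit Function
    For k = 1 To Len(s)
        If InStr("0123456789", Mid(s, k, 1)) = 0 Then Exit Function
    Next
    n = CLng(s)
    ParseInt = True
End Function

Dim cmd, i, idText, qtyText, openText, id, qty, openQty
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = adoDataConn
cmd.CommandType = adCmdText
' ? placeholders: values travel as typed parameters, never as part of the SQL text
cmd.CommandText = "UPDATE phoenix_orderlines SET P_metal_qty = ?, P_metal_Open = ? " & _
                  "WHERE Phoenix_orderline_ID = ?"
cmd.Parameters.Append cmd.CreateParameter("qty", adInteger, adParamInput)
cmd.Parameters.Append cmd.CreateParameter("openqty", adInteger, adParamInput)
cmd.Parameters.Append cmd.CreateParameter("id", adInteger, adParamInput)

For i = 1 To Request.Form("ID").Count
    idText = Request.Form("ID")(i)
    qtyText = Request.Form("mqty_" & idText)
    openText = Request.Form("mopen_" & idText)
    If ParseInt(idText, id) And ParseInt(qtyText, qty) _
       And ParseInt(openText, openQty) Then
        cmd.Parameters(0).Value = qty
        cmd.Parameters(1).Value = openQty
        cmd.Parameters(2).Value = id
        cmd.Execute , , adExecuteNoRecords
    Else
        ' Static message only; the rejected input is not echoed back
        Response.Write "Row skipped: non-numeric input<br>"
    End If
Next
Set cmd = Nothing
```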