how to pass value retrieved from db

Hi

I am pretty rusty with ASP and I can only guess that this is easy, although I can't seem to figure it out...

I have a form which submits it's data to a hidden page(submit.asp).
Submit.asp retrieves the data and submits to the db.
Immediately once it has submitted data, it will then retrieve the auto generated id for the data just submitted. (hope this will work)
Once I have retrievd the auto gen id, I want to then pass this id to *another page*. I don't want to then create the table on the submit.asp page as there is a huge amount of code there already - want to keep things clean.

How do I pass the auto gen id from the hidden page to another asp page? Is it something like response.redirect and how do I attach the id?

Muchas gracias!!
Lee

well the easiest thing to do would be to submit it to the other page in a querystring, but you can do text boxes, hidden fields, anything html really.....

hope you're using @@identity

You could also use a session.

In submit.asp, put something like session("bleh") = oRS("Somefield")

Then, you can access session("bleh") in another page.

Thanks for getting back..

I was hoping to avoid using session variables as I haven't done this before. Anyway, all I need to pass is one value to one page.

"well the easiest thing to do would be to submit it to the other page in a querystring, but you can do text boxes, hidden fields, anything html really.....

hope you're using @@identity"

How can I submit the id if there is no form and submit button on this page? It's a hidden page which merely submits & then retrieves. Once it has retrieved the id, it needs to somehow pass it to another page. You mentioned querystring, but this would require someone clicking a submit button..

Is there any other way of doing this?? I fear I may have to get into session variables, but am hoping to avoid this. If so, I shall be back!

Also, I am not using @@identity. What is it and why/how is it used?

Thanks!
Lee

Querystring doesn't require any user interaction.

Session variables are ideal for this, but if you don't want to use them you can do so by using querystrings in this way:

Simply add a response.redirect "page.asp?id=" & objRS("ID")

That will pass page.asp the parameter "id=123" for example, which you can access in the next page with Request.QueryString("id")

Matt

p.s. identity is something that can be applied to an integer field which makes the field auto increment with an ID. If you're using SQL Server this is the best way to maintain an ID column.

If you're using MS Access, the propietrary equivalent is an Autonumber

well, you could always learn how to use session variables, you'll have to learn them sooner then later, but i wouldn't use them in this situation if you could just use querysting

just make the action form like usual for a post but make it submit to

keep in mind the user will still be able to alter this so hopefully this isn't sensitive data....

and then you can use javascript to submit it with no user interaction



This is sloppy though and sounds wierd. Maybe there's a better way than the intermediate form (these tend to be insecure so make sure you do lots of checking)



returns the autoincrementing ID of the newly inserted field.

Thanks everyone! I'm going to try the
response.redirect "page.asp?id=" & objRS("ID") . This should be fine. I look forward to getting into session variables, but don't have time as yet..
Cheers
Lee

querystring is a good way; for added security use ServerEncode:

strString & "page.asp?id=" & Server.URLEncode(intID) ....

intID's value is encoded with Server.URLEncode

(and if the information you are passing is "sensitive", consider passing 28 character Hex number, which can then be referenced in the database to get the "sensitive" data. It will stop people from entering "page.asp?id=1" hoping to get lucky.)

I wouldn't rely on assuming all attackers are lazy as a security feature....
but good luck leeolive, and hope you look into sessions one day.

Hi

None of your kind suggestions are working...it's definitely to do with the syntax attaching the string to the response.redirect. I'm going to explain it again..

I am wanting to pass a value within a variable to another page using response.redirect.

1. Hidden page retrieves and passes variable, like so
Response.Redirect "process.asp?id=strNINumber"

2. process.asp page retrieves value and, for test purposes, writes it. I can't get past this page as the value that is passes is literally 'strNINumber' and not the actual value.

<% Dim strID
Response.Expires=0
strID=Request.querystring("id")
Response.Write (strID) 'must use brackets
%>

3. The same page then passes value within an href to another page
<a href="memberletter.asp?id=strID><b>Review</b></a>

Where am I going wrong??
Thanks!
Lee

1) response.redirect "somepage.asp?id=" & strNINumber

2) <a href="memberletter.asp?id=<%=strID%>><b>Review</b></a>

as a side note, you're heavily confusing html and asp, i think you need to review what each one is and things will become more clear. Html has no idea what variables are and you're putting variables in html. You use asp to generate html. Good luck

That security feature isn't really for hackers as much as its for common users - which are more prevalent on the net.

I think unatratnag has got your problem solved.