|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
Stay one step ahead of the competition. Evaluate and give feedback
on some of the hottest web development tools on the market today.
Make your opinion heard! Click
Here
|
|
#1
August 6th, 2003, 10:17 AM
|
|||
|
|||
|
Missing Operator ?
Yet another updating problem
Code:
<% SQL = "UPDATE news " & _
"SET newsBody = '" & body & "' " & _
"WHERE ID = " & ID %>
Syntax error (missing operator) in query expression 'ID ='. Yet this code works on anotehr page Code:
<% SQL = "UPDATE IM " & _
"SET FirstName = '" & fname & "', Lastname = '" & lname & "', Pin = '" & pin & "', Cellphone = '" & mobile & "' " & _
"WHERE ID = " & ID %>
what am i doing wrong?
|
|
#2
August 6th, 2003, 10:29 AM
|
|||
|
|||
|
*ALWAYS* -- *ALWAYS* -- *ALWAYS*
*ALWAYS* -- *ALWAYS* -- *ALWAYS*
Get into the habit of making a Response.Write of your SQL Query that you ARE ABOUT TO EXECUTE *BEFORE* you actually execute it. Example: strSql = "SELECT ...." 'FOR DEBUG ONLY 'Response.Write strSql & "<hr>" 'Response.End 'Now execute the query ....... Uncomment the two lines under the 'FOR DEBUG ONLY This will output the Query THAT YOU ARE ABOUT TO EXECUTE. You can copy/paste it and test it BEFORE, making sure it is OK! In your case, the ID seems to be missing, HOW COME ? Where exactly are you getting that ID from ? Show us the relevent code...please  Hope this helps! Sincerely Vlince
|
|
#3
August 6th, 2003, 11:01 AM
|
|||
|
|||
|
sry vince , ID is a the a code sent from the previous page
view_news.asp Code:
<a href="edit_news.asp?ID=<%Response.Write(r("ID"))%>"><font face="Tahoma, Arial, Verdana" size="2">Edit</font></a>
ID in this case is my autonumber then the next page checks to see what to update edit_news.asp Code:
<% @ Language=VBScript %>
<!--#include file="connection.asp"-->
<% ID = Request.QueryString ("ID") %>
<% SQL = "SELECT * FROM news WHERE ID = " & ID & "" %>
<% Set r = conn.Execute(SQL) %>
<html>
<head><title>Edit News</title></head>
<body>
<form name="edit_news" action="update_news.asp" method="post">
<table border="0" width="500" cellpadding="0" cellspacing="0" align="center">
<tr>
<td><div align="right"><font size="2" face="Tahoma, Arial, Verdana">Title:</font></div></td>
<td><input type="text" name="title" value="<%= r("newsTitle") %>"></td>
</tr>
<tr>
<td valign="top"><div align="right"><font size="2" face="Tahoma, Arial, Verdana">Body:</font></div></td>
<td><textarea name="body" cols="40" rows="10"><%= r("newsBody") %></textarea></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Update News">
<input name="Reset" type="reset" id="Reset" value="Reset"></td>
</tr>
</table>
</form>
</body>
</html>
finally update_news.asp Code:
<% @ Language=VBScript %>
<% Dim conn %>
<% MyPath=Server.MapPath("../../database/records_management.mdb") %>
<% Set conn = Server.CreateObject("ADODB.Connection") %>
<% conn.Open "Driver={Microsoft Access Driver (*.mdb)};" & _
"DBQ=" & MyPath %>
<% ID = request.Form("ID") %>
<% title = Request.Form("title")
body = Request.Form("body")
%>
<% SQL = "UPDATE news " & _
"SET newsBody = '" & body & "' " & _
"WHERE ID = " & ID %>
<% Set R = conn.Execute(SQL) %>
I hope i made myself mroe clear. its been a long week 
|
|
#4
August 6th, 2003, 11:48 AM
|
|||
|
|||
|
ok, inside the edit_news.asp page I see that you retrieve the value of ID via the QueryString.
You then put that value inside a variable called ID so far so good... There is just one *TINY* little thing. You do realize that you are passing the unique ID via the QueryString and that anyone can simply change that value right? You also might be concerned with SQL Injection Attacks here is good reading for you: http://www.sitepoint.com/article/794/1 ok let's get back to your problem... Now the variable ID holds the unique id! What to do next ??? Well you have a <form>...</form> with an action attribute set to: action="update_news.asp" I've also noticed that your <form>...</form> uses the method POST to send its data right? Ok, what you need to do, is create what we call a <hidden> field. That <hidden> field will hold the value of the variable ID. Ok so you need to write this, right under the tag <form...> <input type="hidden" name="hidID" value="<%=ID%>"> Then end result should look something similar to: <form> <hidden field> . . </form> IMPORTANT: The <hidden> field *MUST* be embedded between the beginning and closing tag <form> Now once that is done,. we go to the update_news.asp And we do: <% Dim ID ID = Request.Form("hidID") 'FOR DEBUG ONLY 'Response.Write "-->" & ID & "<--<hr>" 'Response.End ...rest of your code... %> Hope this helps! Sincerely Vlince %>
|
|
#5
August 6th, 2003, 12:25 PM
|
|||
|
|||
|
*Digitalosophy Tips His Hat To Vlince*
Thank you so much for your help. My code was outright "dirty". With the insertion of the hidden field and a little code tweaking, eveything finally works. I have also read that artice, my project is in a frameset so the query's can't be seen, and also only one person has access to these pages I created. But I will keep that in mind for the next time. Thank you again, you are a true lifesaver  
|
|
#6
August 6th, 2003, 12:31 PM
|
|||
|
|||
|
Hey no problem...I'm glad it turned out ok
Perhaps I should open an account with PayPal for donations no? hehe j/k Thanks Digitalosophy Sincerely Vlince
|
|
#7
August 6th, 2003, 12:57 PM
|
|||
|
|||
|
yes you are good. any places you know of where i can go to learn how to write cleaner code?(if you know what i mean)
|
|
#8
August 6th, 2003, 01:06 PM
|
|||
|
|||
|
Well there is no such thing as "a place" like an ASP Church or something
For me, personally, maintainability and readability of code outweighs performance. I've seen so many applications/code that was poorly designed/coded and took for ever to debug. I've also seen encapsulated code that was so much encapsulated that it wasn't even efficient anymore Too much of a good thing isn't always the best way. Nice clean code, to me, will always be my #1 priority. Unless I end working for the NASA or some critical aviation company where every bits and bytes cout then ya ok performance would be #1 Vlince
|
|
| Viewing: Dev Shed Forums > Programming Languages - More > ASP Programming > Missing Operator ? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
