correction d'une ligne de code

Discussion in 'ASP General' started by elia, Nov 9, 2005.

  1. elia

    elia Guest

    Bonjour,

    Débutant en asp, mon navigateur me signale une faute dans cette ligne,
    avec ces "" et ses '' je ne vois pas trop d'où viens l'erreur,
    quelqu'un pourait-il m'aider? merci, pascal

    La ligne est :

    req_sql = UPDATE t_abo SET txtTransactionID=" &
    request.form("txtTransactionID") & ", txtPayMet=" &
    request.form('txtPayMet') & " WHERE ID=" & request('txtOrderIDShop')"
    conn.Execute(req_sql)

    ----------------------------------------------------------------
    Le code affiché par le navigateur est:

    Microsoft VBScript compilation error '800a0401'

    Expected end of statement

    /e_confirmation_bd.asp, line 198

    req_sql = UPDATE t_abo SET txtTransactionID=" &
    request.form("txtTransactionID") & ", txtPayMet=" &
    ----------------------------^
    request.form('txtPayMet') & " WHERE ID=" & request('txtOrderIDShop')"
    elia, Nov 9, 2005
    #1
    1. Advertising

  2. elia

    Evertjan. Guest

    elia wrote on 09 nov 2005 in microsoft.public.inetserver.asp.general:

    > req_sql = UPDATE t_abo SET txtTransactionID=" &


    req_sql = "UPDATE t_abo SET txtTransactionID='" &_

    > request.form("txtTransactionID") & ", txtPayMet=" &


    request.form("txtTransactionID") & "', txtPayMet='" &_

    > request.form('txtPayMet') & " WHERE ID=" & request('txtOrderIDShop')"


    request.form("txtPayMet") & "' WHERE ID=" & request("txtOrderIDShop")

    > conn.Execute(req_sql)


    conn.Execute req_sql

    NB if: ID: number, txtPayMet: string, txtTransactionID: string



    --
    Evertjan.
    The Netherlands.
    (Replace all crosses with dots in my emailaddress)
    Evertjan., Nov 9, 2005
    #2
    1. Advertising

  3. You don't start your string with a ".

    req_sql = UPDATE t_abo SET...."
    vs.
    req_sql = "UPDATE t_abo SET...."


    Also, what's with request.form('txtPayMet') instead of
    request.form("txtPayMet")?

    Additionally:
    http://www.google.com/search?hl=en&lr=&q=ASP sql injection
    http://www.aspfaq.com/show.asp?id=2111


    Ray at work

    "elia" <> wrote in message
    news:...
    Bonjour,

    Débutant en asp, mon navigateur me signale une faute dans cette ligne,
    avec ces "" et ses '' je ne vois pas trop d'où viens l'erreur,
    quelqu'un pourait-il m'aider? merci, pascal

    La ligne est :

    req_sql = UPDATE t_abo SET txtTransactionID=" &
    request.form("txtTransactionID") & ", txtPayMet=" &
    request.form('txtPayMet') & " WHERE ID=" & request('txtOrderIDShop')"
    conn.Execute(req_sql)

    ----------------------------------------------------------------
    Le code affiché par le navigateur est:

    Microsoft VBScript compilation error '800a0401'

    Expected end of statement

    /e_confirmation_bd.asp, line 198

    req_sql = UPDATE t_abo SET txtTransactionID=" &
    request.form("txtTransactionID") & ", txtPayMet=" &
    ----------------------------^
    request.form('txtPayMet') & " WHERE ID=" & request('txtOrderIDShop')"
    Ray Costanzo [MVP], Nov 9, 2005
    #3
  4. elia

    elia Guest

    Merci pour ces informations mais je n'y arrive toujours pas.
    Le code comprends 3 imbrications, et donc " et ' ne suffisent pas!
    J'ai essayé avec [ mais cela ne fonctionne pas non plus.
    Mon probleme est d'ajouter deux variables (txtTransactionID ,
    txtPayMet) pour un ID (txtOrderIDShop) qui proviennent d'un Post dans
    une Base de donnée.

    Ma ligne de code est maintenant :
    req_sql = [UPDATE t_abo SET txtTransactionID=" &
    request.form('txtTransactionID') &
    ", & txtPayMet=" & request.form('txtPayMet') " &
    WHERE ID=" & request('txtOrderIDShop')"]

    mais je reçois le message d'eureur suivant:
    Microsoft OLE DB Provider for ODBC Drivers error '80040e0c'
    Command text was not set for the command object.

    merci.
    elia, Nov 10, 2005
    #4
  5. elia

    Evertjan. Guest

    elia wrote on 10 nov 2005 in microsoft.public.inetserver.asp.general:

    > req_sql = [UPDATE t_abo SET txtTransactionID=" &
    >


    Wrong, a string litteral should start with a "

    req_sql = "UPDATE t_abo SET txtTransactionID="

    --
    Evertjan.
    The Netherlands.
    (Replace all crosses with dots in my emailaddress)
    Evertjan., Nov 10, 2005
    #5
  6. elia

    elia Guest

    Ok, je commence avec :
    "update ....
    mais après je suis embêter, comment faire 3 imbrications??

    " ......'.....?.....?.....'....."

    merci
    elia, Nov 10, 2005
    #6
  7. elia

    Evertjan. Guest

    elia wrote on 10 nov 2005 in microsoft.public.inetserver.asp.general:

    > Ok, je commence avec :
    > "update ....
    > mais aprŠs je suis embˆter, comment faire 3 imbrications??
    >
    > " ......'.....?.....?.....'....."
    >
    > merci
    >


    ASP-vbs needs ".. anything ...." as a litteral string

    varNumber = 3
    varString = ".. anything ...." & 3 & ".. anything ...."

    SQL needs internal! string litterals in '...',
    but the string itself needs the ASP-vbs "..." external

    varNumber = 17
    myTable = "TblFirst"
    sqlString = "delete '" & myTable "' where id = " & varNumber

    This will make a string in sqlString:

    "delete 'TblFirst' where id = 17"



    --
    Evertjan.
    The Netherlands.
    (Replace all crosses with dots in my emailaddress)
    Evertjan., Nov 10, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Arnaud
    Replies:
    2
    Views:
    3,481
    Amontec Team, Laurent Gauch
    Feb 11, 2004
  2. Xavier Tarrago

    Tomcat-W2000 ligne trop longue

    Xavier Tarrago, Oct 21, 2003, in forum: Java
    Replies:
    0
    Views:
    459
    Xavier Tarrago
    Oct 21, 2003
  3. nobody
    Replies:
    0
    Views:
    344
    nobody
    Jan 4, 2007
  4. Drew
    Replies:
    4
    Views:
    304
  5. Don Juan
    Replies:
    2
    Views:
    318
    Don Juan
    Feb 27, 2009
Loading...

Share This Page