Looking for an answer please to encoding

Discussion in 'ASP General' started by MrHelpMe, Jan 30, 2008.

  1. MrHelpMe

    MrHelpMe Guest

    Hello,

    I have the following page that taps into a database and pulls back a
    recordset. Next to each record on the page I have a modify button and
    a delete button. I associated the buttons to the records as follows:

    Code:
    <script language="javascript" type="text/javascript">
    
    function ModifyProcess(x){
    window.location.href=("ModifyProcess.asp?Process_id="+x);
    }
    
    function DeleteProcess(x){
    window.location.href=("DeleteProcess.asp?Process_id="+x);
    }
    </script>
    
    and then an onclick event as follows to call this

    Code:
    ONCLICK="ModifyProcess(<
    %=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>);">
    
    I am using the get method however I think I should be using the POST
    method. I don't know how to use the post method and associate each
    button to its respective record. My ultimate goal in this is if I use
    the GET I want to hide the URL using Base64 but I don't know how to
    apply this to my code above. If someone can help to apply or show me
    how to use POST and eliminate the BASE64..either way is fine with
    me:)

    Thanks
    MrHelpMe, Jan 30, 2008
    #1
    1. Advertising

  2. Gazing into my crystal ball I observed MrHelpMe <>
    writing in news:f9d79252-4819-46aa-b06f-eebcb2c03f8c@
    1g2000hsl.googlegroups.com:

    > Hello,
    >
    > I have the following page that taps into a database and pulls back a
    > recordset. Next to each record on the page I have a modify button and
    > a delete button. I associated the buttons to the records as follows:
    >
    >
    Code:
    ><script language="javascript" type="text/javascript">
    >
    > function ModifyProcess(x){
    >   window.location.href=("ModifyProcess.asp?Process_id="+x);
    > }
    >
    > function DeleteProcess(x){
    >   window.location.href=("DeleteProcess.asp?Process_id="+x);
    > }
    ></script>
    > 
    > and then an onclick event as follows to call this
    >
    >
    Code:
    > ONCLICK="ModifyProcess(<
    > %=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>);">
    > 
    >
    > I am using the get method however I think I should be using the POST
    > method. I don't know how to use the post method and associate each
    > button to its respective record. My ultimate goal in this is if I use
    > the GET I want to hide the URL using Base64 but I don't know how to
    > apply this to my code above. If someone can help to apply or show me
    > how to use POST and eliminate the BASE64..either way is fine with
    > me:)
    >
    > Thanks
    >
    >
    >


    What do you do about users with javascript disabled?


    --
    Adrienne Boswell at Home
    Arbpen Web Site Design Services
    http://www.cavalcade-of-coding.info
    Please respond to the group so others can share
    Adrienne Boswell, Jan 30, 2008
    #2
    1. Advertising

  3. MrHelpMe

    Evertjan. Guest

    Adrienne Boswell wrote on 30 jan 2008 in
    microsoft.public.inetserver.asp.general:

    >> I am using the get method however I think I should be using the POST
    >> method. I don't know how to use the post method and associate each
    >> button to its respective record. My ultimate goal in this is if I use
    >> the GET I want to hide the URL using Base64 but I don't know how to
    >> apply this to my code above. If someone can help to apply or show me
    >> how to use POST and eliminate the BASE64..either way is fine with
    >> me:)

    >
    > What do you do about users with javascript disabled?


    What would he do with users that have internet disabled, Adrienne?

    Perhaps he is on intranet, or has only a small users group that has to
    lofg in.

    Worse is the attempt to do clientside hiding, which shows lack of
    knowledge, unless his supposed small user group is a specified group of
    technical morons.


    >> function DeleteProcess(x){
    >> window.location.href=("DeleteProcess.asp?Process_id="+x);
    >> }
    >></script>
    >> [/code]
    >> and then an onclick event as follows to call this
    >>
    >>
    Code:
    >> ONCLICK="ModifyProcess(<
    >> %=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>);">
    >> 


    For a form-post, use AJAX like technology or do [not tested]:

    =====================================
    <form id='Modify' method='post' action='ModifyProcess.asp'>
    <input type='hidden' name='Process_id'
    value='<%=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>'>
    </form>

    <form id='Delete' method='post' action='DeleteProcess.asp'>
    <input type='hidden' name='Process_id'
    value='<%=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>'>
    </form>

    .....
    ONCLICK="document.getElementById('Modify').submit();"
    .....
    ONCLICK="document.getElementById('Delete').submit();"
    =====================================================


    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Jan 30, 2008
    #3
  4. MrHelpMe

    MrHelpMe Guest

    On Jan 30, 4:39 am, "Evertjan." <> wrote:
    > Adrienne Boswell wrote on 30 jan 2008 in
    > microsoft.public.inetserver.asp.general:
    >
    > >> I am using the get method however I think I should be using the POST
    > >> method.  I don't know how to use the post method and associate each
    > >> button to its respective record.  My ultimate goal in this is if I use
    > >> the GET I want to hide the URL using Base64 but I don't know how to
    > >> apply this to my code above.  If someone can help to apply or show me
    > >> how to use POST and eliminate the BASE64..either way is fine with
    > >> me:)

    >
    > > What do you do about users with javascript disabled?

    >
    > What would he do with users that have internet disabled, Adrienne?
    >
    > Perhaps he is on intranet, or has only a small users group that has to
    > lofg in.
    >
    > Worse is the attempt to do clientside hiding, which shows lack of
    > knowledge, unless his supposed small user group is a specified group of
    > technical morons.
    >
    > >> function DeleteProcess(x){
    > >>   window.location.href=("DeleteProcess.asp?Process_id="+x);
    > >> }
    > >></script>
    > >> [/code]
    > >> and then an onclick event as follows to call this

    >
    > >>
    Code:
    > >> ONCLICK="ModifyProcess(<
    > >> %=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>);">
    > >> 

    >
    > For a form-post, use AJAX like technology or do [not tested]:
    >
    > =====================================
    > <form id='Modify' method='post' action='ModifyProcess.asp'>
    > <input type='hidden' name='Process_id'
    > value='<%=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>'>
    > </form>
    >
    > <form id='Delete' method='post' action='DeleteProcess.asp'>
    > <input type='hidden' name='Process_id'
    > value='<%=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>'>
    > </form>
    >
    > ....
    > ONCLICK="document.getElementById('Modify').submit();"
    > ....
    > ONCLICK="document.getElementById('Delete').submit();"
    > =====================================================
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Please change the x'es to dots in my emailaddress)


    Evertjet,

    Thanks so much for this. So I am trying your code and it doesn't seem
    to work. First off I didn't know you could put multiple forms in one
    page. I know have a search form, delete and modify form but if I
    click any buttons beside any recordset I always get process_id 43.
    Any ideas. This is what I have thus far
    Code:
    <p><b>Search</b></p>
    <form action="<%= strURL %>" method="get" Name="Search">
    <input name="search" value="<%= strSearch %>">
    <input type="submit">
    </form>
    
    <form id="Modify" method="post" action="ModifyProcessMap.asp">
    <input type="hidden" name="Process_id" value="<
    %=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>">
    </form>
    
    <form id="Delete" method="post" action="DeleteProcessMap.asp">
    <input type="hidden" name="Process_ID" value="<
    %=(objRsProcessAdd.Fields.Item("Process_ID").Value)%>">
    </form>
    
    Then I go out to connect to my database and pull all records that
    match the search. Your help is appreciated. Thanks.
    MrHelpMe, Jan 30, 2008
    #4
  5. MrHelpMe

    Evertjan. Guest

    MrHelpMe wrote on 30 jan 2008 in microsoft.public.inetserver.asp.general:

    > Thanks so much for this. So I am trying your code and it doesn't seem
    > to work.


    The code was not copy and go, but helping you understand.

    > First off I didn't know you could put multiple forms in one
    > page.


    Why not, there is even a forms collection:

    var f0 = document.forms[0];
    var f1 = document.forms[1];
    etc.

    > I know have a search form, delete and modify form but if I
    > click any buttons beside any recordset


    "buttons beside any recordset" sorry I do not understand,
    I thought we were speaking simple HTML?
    There sould be no recordsets in html.

    > I always get process_id 43.
    > Any ideas. This is what I have thus far


    What is "get"?

    Please always look at the rendered html code,
    as seen by browser view source.

    ASP is just a wat to prepare a html stream for the client,
    so you have to seperate the two processes, asp processing and html
    rendering in your mind.



    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Jan 30, 2008
    #5
  6. MrHelpMe

    MrHelpMe Guest

    On Jan 30, 5:36 pm, "Evertjan." <> wrote:
    > MrHelpMe wrote on 30 jan 2008 in microsoft.public.inetserver.asp.general:
    >
    > > Thanks so much for this.  So I am trying your code and it doesn't seem
    > > to work.  

    >
    > The code was not copy and go, but helping you understand.
    >
    > > First off I didn't know you could put multiple forms in one
    > > page.  

    >
    > Why not, there is even a forms collection:
    >
    > var f0 = document.forms[0];
    > var f1 = document.forms[1];
    > etc.
    >
    > > I know have a search form, delete and modify form but if I
    > > click any buttons beside any recordset

    >
    > "buttons beside any recordset" sorry I do not understand,
    > I thought we were speaking simple HTML?
    > There sould be no recordsets in html.
    >
    > > I always get process_id 43.
    > > Any ideas.  This is what I have thus far

    >
    > What is "get"?
    >
    > Please always look at the rendered html code,
    > as seen by browser view source.
    >
    > ASP is just a wat to prepare a html stream for the client,
    > so you have to seperate the two processes, asp processing and html
    > rendering in your mind.
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Please change the x'es to dots in my emailaddress)


    Evertjan let me explain.

    I am using ADO to query a database table via a stored procedure. This
    whole process returns a number of rows/records from the table(it loops
    through the database table and displays each row of data). Beside
    each row of data are 2 Buttons. 1 Modify Button and Delete Button.
    When the user clicks the button(i.e Modify) the code should be able to
    associate the button with that row of data by Process_id. If the user
    clicks on the button besides, let's saw, row 54, then code should be
    able to open up information for the process ID 54 etc etc. The reason
    I did this with a query string was because I didn't know how to do it
    with POST method of the Form element. All this is working with the
    querystring however, the security level is bad:) Let me know if this
    makes sense.
    MrHelpMe, Jan 31, 2008
    #6
  7. MrHelpMe

    Evertjan. Guest

    MrHelpMe wrote on 31 jan 2008 in microsoft.public.inetserver.asp.general:

    Evertjan wrote
    >> Please always look at the rendered html code,
    >> as seen by browser view source.
    >>
    >> ASP is just a wat to prepare a html stream for the client,
    >> so you have to seperate the two processes, asp processing and html
    >> rendering in your mind.
    >>


    [please do not quote signatures]

    and could we converse non anonymous, or with a decent nickname?

    >
    > Evertjan let me explain.
    >
    > I am using ADO to query a database table via a stored procedure. This
    > whole process returns a number of rows/records from the table(it loops
    > through the database table and displays each row of data). Beside
    > each row of data are 2 Buttons. 1 Modify Button and Delete Button.
    > When the user clicks the button(i.e Modify) the code should be able to
    > associate the button with that row of data by Process_id. If the user
    > clicks on the button besides, let's saw, row 54, then code should be
    > able to open up information for the process ID 54 etc etc. The reason
    > I did this with a query string was because I didn't know how to do it
    > with POST method of the Form element.


    Did you look at what the view source rendered code gives? You will be
    amazed what mistakes are immediately obvious if you do that.

    I do not think you need a form for each record,
    not even seperate forms for delete and modify.

    Say, partly in pseudocode:

    ===============================================
    <script type='text/javascript'>

    function changeRec(what,rid){
    var f = document.forms['change'];
    f['Process_id'].value = rid;
    f.action = (what=='d')?'DeleteProcessMap.asp':'ModifyProcessMap.asp';
    f.submit();
    }

    </script>

    <form name="change" method="post">
    <input type="hidden" name="Process_id">
    </form>

    <%
    sql = "...." etc serverside database stuff

    do until eofstuff
    %>

    <br><br>
    <%=recordID %>: <%=recordcontentstuff %>
    <button onclick='changeRec('d',<%=recordID %>)'>Delete</button>
    <button onclick='changeRec('m',<%=recordID %>)'>Modify</button>

    <%
    nextrecordstuff
    loop
    %>
    ===========================================

    > All this is working with the
    > querystring however, the security level is bad:) Let me know if this
    > makes sense.


    My above example uses form-post.
    That does not give security, security has to be serverside!

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
    Evertjan., Jan 31, 2008
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. KathyB
    Replies:
    0
    Views:
    560
    KathyB
    Jul 25, 2003
  2. Robocop
    Replies:
    2
    Views:
    429
    Andrew Hobbs
    Feb 22, 2004
  3. Replies:
    7
    Views:
    414
    Roedy Green
    Oct 25, 2005
  4. KK
    Replies:
    2
    Views:
    522
    Big Brian
    Oct 14, 2003
  5. Tony Mobily
    Replies:
    1
    Views:
    89
    James Edward Gray II
    Feb 23, 2006
Loading...

Share This Page