cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

ASP SQL convert from older Release to CS3

Guest
Aug 06, 2008 Aug 06, 2008
I have upgraded to CS3 from an older version of Dreamweaver. Now, when I call the SQL for a document created in an older version, it is changing the whole Recordset syntax. In addition, my old code no longer works.

For example, I am trying to test a field in my database:
If a passed parameter is equal to ALL or if the database field is equal to the passed parameter
I want to see the record.

When I open this document in CS3 it first starts with error message saying I am missing the variable type.
Then, I get TOO FEW PARAMETERS

The problem seems to be when I compare fCat = 'All' OR Category LIKE 'fCat'
If I do either one separately it works fine, but it will not allow both tests.

Can anyone help? I have a ton of sites which have database and ASP code in them and I need to know what I can do to easily convert these without problems.

Thanks.

Here is the old code which worked fine in the older version:
<%
Dim Addresses__MMColParam
Addresses__MMColParam = "Korhonen"
If (Session("SSuser") <> "") Then
Addresses__MMColParam = Session("SSuser")
End If
%>
<%
Dim Addresses__fCat
Addresses__fCat = "All"
If (TestCat <> "") Then
Addresses__fCat = TestCat
End If
%>
<%
Dim Addresses__sortby
Addresses__sortby = "LastName"
If (TestSort <> "") Then
Addresses__sortby = TestSort
End If
%>
<%
Dim Addresses__fName
Addresses__fName = "All"
If (TestFirst <> "") Then
Addresses__fName = TestFirst
End If
%>
<%
Dim Addresses__lName
Addresses__lName = "All"
If (TestLast <> "") Then
Addresses__lName = TestLast
End If
%>
<%
Dim Addresses__fComp
Addresses__fComp = "All"
If (TestComp <> "") Then
Addresses__fComp = TestComp
End If
%>
<%
Dim Addresses
Dim Addresses_numRows

Set Addresses = Server.CreateObject("ADODB.Recordset")
Addresses.ActiveConnection = MM_upload_STRING
Addresses.Source = "SELECT * FROM Address WHERE User = '" + Replace(Addresses__MMColParam, "'", "''") + "' AND ('" + Replace(Addresses__fCat, "'", "''") + "' = 'All' OR Category LIKE '" + Replace(Addresses__fCat, "'", "''") + "') AND ('" + Replace(Addresses__fName, "'", "''") + "' = 'All' OR FirstName LIKE '" + Replace(Addresses__fName, "'", "''") + "') AND ('" + Replace(Addresses__lName, "'", "''") + "' = 'All' OR LastName LIKE '" + Replace(Addresses__lName, "'", "''") + "') AND ('" + Replace(Addresses__fComp, "'", "''") + "' = 'All' or Company LIKE '" + Replace(Addresses__fComp, "'", "''") + "') ORDER BY " + Replace(Addresses__sortby, "'", "''") + ""
Addresses.CursorType = 0
Addresses.CursorLocation = 2
Addresses.LockType = 1
Addresses.Open()

Addresses_numRows = 0
%>





Here is the code generated by CS3
<%
Dim Addresses__MMColParam
Addresses__MMColParam = "Korhonen"
If (Session("SSuser") <> "") Then
Addresses__MMColParam = Session("SSuser")
End If
%>
<%
Dim Addresses__fCat
Addresses__fCat = "All"
If (TestCat <> "") Then
Addresses__fCat = TestCat
End If
%>
<%
Dim Addresses__sortby
Addresses__sortby = "LastName"
If (TestSort <> "") Then
Addresses__sortby = TestSort
End If
%>
<%
Dim Addresses__fName
Addresses__fName = "All"
If (TestFirst <> "") Then
Addresses__fName = TestFirst
End If
%>
<%
Dim Addresses__lName
Addresses__lName = "All"
If (TestLast <> "") Then
Addresses__lName = TestLast
End If
%>
<%
Dim Addresses__fComp
Addresses__fComp = "All"
If (TestComp <> "") Then
Addresses__fComp = TestComp
End If
%>
<%
Dim Addresses
Dim Addresses_cmd
Dim Addresses_numRows

Set Addresses_cmd = Server.CreateObject ("ADODB.Command")
Addresses_cmd.ActiveConnection = MM_upload_STRING
Addresses_cmd.CommandText = "SELECT * FROM Address WHERE User = ? AND (? = 'All' OR Category LIKE 'fCat') AND (? = 'All' OR FirstName LIKE 'fName') AND (? = 'All' OR LastName LIKE 'lName') AND (? = 'All' or Company LIKE 'fComp') ORDER BY ?"
Addresses_cmd.Prepared = true
Addresses_cmd.Parameters.Append Addresses_cmd.CreateParameter("param1", 200, 1, 255, Addresses__MMColParam) ' adVarChar
Addresses_cmd.Parameters.Append Addresses_cmd.CreateParameter("param2", 200, 1, 255, Addresses__fCat) ' adVarChar
Addresses_cmd.Parameters.Append Addresses_cmd.CreateParameter("param3", 200, 1, 255, Addresses__fName) ' adVarChar
Addresses_cmd.Parameters.Append Addresses_cmd.CreateParameter("param4", 200, 1, 255, Addresses__lName) ' adVarChar
Addresses_cmd.Parameters.Append Addresses_cmd.CreateParameter("param5", 200, 1, 255, Addresses__fComp) ' adVarChar
Addresses_cmd.Parameters.Append Addresses_cmd.CreateParameter("param6", 200, 1, 255, Addresses__sortby) ' adVarChar

Set Addresses = Addresses_cmd.Execute
Addresses_numRows = 0
%>

TOPICS
Server side applications
224
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 1 Reply 1
latest latest Jump to latest reply
Newsgroup_User
LEGEND ,
Aug 07, 2008 Aug 07, 2008
LATEST
>I have upgraded to CS3 from an older version of Dreamweaver. Now, when I
>call
> the SQL for a document created in an older version, it is changing the
> whole
> Recordset syntax. In addition, my old code no longer works.



"To increase security in Dreamweaver 8.0.2 and CS3 we removed the ability to
use dynamic SQL parameters inside standard Recordsets. The original code
exposed databases to SQL injections."

http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402875&sliceId=2

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices