cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
0
Upvote

Update Record Parameter Variable SQL injection

Lara_Willis
New Here ,
Jul 16, 2006 Jul 16, 2006

Copy link to clipboard

Copied

Hello...Please advise how to correct code... The update record field recordcurrent is a y/n checkbox field with radio buttons for selecting response with default as N. Here is the code that has an error:

MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param11", 5, 1, -1, MM_IIF(Request.Form("RecordCurrentCheck"), Request.Form("RecordCurrentCheck"), null)) ' adDouble

The code for the recordset follows:

<input <%If (CStr((eprofile.Fields.Item("RecordCurrent").Value)) = CStr("Y")) Then Response.Write("checked=""checked""") : Response.Write("")%> type="radio" name="RecordCurrentCheck" value="Y">
Yes
<input <%If (CStr((eprofile.Fields.Item("RecordCurrent").Value)) = CStr("N")) Then Response.Write("checked=""checked""") : Response.Write("")%> type="radio" name="RecordCurrentCheck" value="N"checked>

Should there be a second createparameter based on there being two buttons?

Thank you for your assistance,
Much confused one,
Lara
TOPICS
Server side applications

Views

327
Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
i_hitman
Explorer ,
Jul 17, 2006 Jul 17, 2006

Copy link to clipboard

Copied

Try...

<input <%If (CStr((eprofile.Fields.Item("RecordCurrent").Value)) = CStr("Y")) Then Response.Write("checked='checked'")%> type="radio" name="RecordCurrentCheck" value="Y"> Yes
<input <%If (CStr((eprofile.Fields.Item("RecordCurrent").Value)) = CStr("N")) Then Response.Write("checked='checked'")%> type="radio" name="RecordCurrentCheck" value="N"> No

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Lara_Willis
New Here ,
Jul 18, 2006 Jul 18, 2006

Copy link to clipboard

Copied

LATEST
In Response To i_hitman
Thank you so much for your reply...I endedup changing the data format completely to enter the current date the record is updated! Working now, but i'm going to save your note for other pages with radiobuttons.

Mucho Gracie,'
Lara

Votes

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices