ASP SQL Statement

Results 1 to 2 of 2

Thread: ASP SQL Statement

  1. #1
    Join Date
    Dec 1969

    Default ASP SQL Statement

    I want to allow access to a directory by comparing a value in a table with the "HTTP_REFERER" Example: If I want to allow access via a hyperlink from any page on this site, then my entry in the table would be "" and my WHERE statement is checking to see if "" is contained in the "HTTP_REFERER"<BR><BR>I&#039;m connecting to the database when I use "=" and I enter a value in the table that matches "HTTP_REFERER" exactly.<BR><BR>What is wrong with the sQuery line? I use query analyzer all day long but this is my first attempt to use sql along with ASP.<BR><BR>referer=lcase(request.servervariables( "HTTP_REFERER"))<BR>sQuery = "SELECT * FROM pbs WHERE orgin like " & "&#039;" & referer & "&#039;"<BR><BR>Also, what would I need to place on each page that would continue to allow the linked visitor to navigate as long as they are allow permission initially. That is if you type the url in the address bar or link from an unauthorized site, then you would get redirected to a "you can&#039;t get here from there" page.<BR>

  2. #2
    Join Date
    Dec 1969

    Default RE: ASP SQL Statement

    referer=lcase(request.servervariables("HTTP_REFERE R")) <BR>sQuery = "SELECT * FROM pbs WHERE orgin like &#039;" & referer & "&#039;" <BR><BR>you had 1 to many " & in there.<BR>You are familliar to syntax, so here is a good way to check when you have a problem<BR><BR>sQuery = "SELECT * FROM pbs WHERE orgin like &#039;" & referer & "&#039;"<BR>Response.Write "My sQuery looks like this" & sQuery<BR><BR>then you can see exactly what the query is.<BR><BR>Now you can do your next part easily.<BR><BR>if you have record matchs from sQuery then allow access<BR>Else<BR>response.Redirect "somotherpage.asp"<BR>end if<BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts