开发者

matching string with database

问答 作者:

I am coding simple 404 seo for my website. I am little confused at one point. I need codes to go over categories table and see if it matches with the string. If yes, then it should print category's name, if not then it should display "page not found" message. I dont understand where I went wrong here...

> > <%
> >     WebsiteQueryString = Request.QueryString
> >     SplitQueryString = split(WebsiteQueryString, "/")
> > 
> >     SQL = "SELECT C.CATEGORYID,
> > C.CATEGORYNAME"     SQL = SQL & " FROM
> > CATEGORIES C"   Set objCategory =
> > objConn.Execute(SQL)    
> > 
> >     If objCategory("CATEGORYID") =
> > SplitQueryString(4) Then     %>
> > 
> > <%=objCategory("CATEGORYNAME")%>
> > 
> > <% Else %>
> > 
> 
>   开发者_如何转开发  enter code here`page not found.
> 
> > 
> > 
> > <% End If %>

Some hints:

1/ use cInt (or cStr)

If objCategory("CATEGORYID") = SplitQueryString(4) Then

If SplitQueryString(4) is a number, try putting cInt( before both operands as in

If cInt(objCategory("CATEGORYID")) = cInt(SplitQueryString(4)) Then

If have come across situations where I needed to do this to have a good comparison.

2/ try writing the values on screen before you compare them (are you sure you are comparing with the correct element ?)

Response.Write( "[" & objCategory("CATEGORYID" & "]")
Response.Write( "[" & SplitQueryString(4) & "]" )

I always put brackets around them as to see if an empty string is present

3/ Test for IsNull()

Try testing for IsNull() for your objCategory("CATEGORYID") , since I think field values are Null if not present in the record

4/ Make sure you use the correct field name (CATEGORYID) - check spelling

OK, I'm a little rusty on the Classic ASP, but it seems that you probably want something more like this:

<% 
    WebsiteQueryString = Request.QueryString 
    SplitQueryString = split(WebsiteQueryString, "/") 

    ' I'm assuming SplitQueryString(4) is a number, as is CATEGORYID
    SQL = "SELECT CATEGORYNAME FROM CATEGORIES WHERE CATEGORYID = " & SplitQueryString(4)
    Set objCategory = objConn.Execute(SQL)     

    If objCategory("CATEGORYNAME") <> "" Then

    Response.Write(objCategory("CATEGORYNAME"))

    Else %> 

  enter code here`page not found. 

<% End If %>

One other major comment on this. Taking this approach makes you severely susceptible to SQL injection attacks. I'd suggest a Stored Procedure.

继续阅读:asp-classic

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9