PDA

Click to See Complete Forum and Search --> : error in this asp...need urgent help..

piertiong
10-15-2003, 04:51 AM
<% Response.ContentType="text/vnd.wap.wml"%>
<?xml version="1.0"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card title="Loggin in">
<p>
<%
Dim conn, rs
Set conn = Server.CreateObject("ADODB.Connection")
Set rs = Server.CreateObject("ADODB.Recordset")
conn.open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("Cars.mdb") & ";"

Dim userId, userPw
Dim sql

userId = Request.QueryString("id")
userPw = Request.QueryString("pwd")

sql = "SELECT * FROM Customer WHERE userID = '" & userId & "' AND pwd='" & userPw & "'"
Set rs = conn.Execute (sql)

if NOT rs.EOF Then
Response.Redirect("http://localhost/mobile/bookingServices.asp")
else
Response.Write sql
Response.Write userID
Response.Write userPw
Response.Write "Something is wrong"
end if
rs.Close
conn.Close
Set rs = Nothing
Set conn = Nothing
%>
</p>
</card>
</wml>
gil davis
10-15-2003, 04:30 PM
You need to be more specific. What is the error?
piertiong
10-16-2003, 09:09 AM
it shows up as error 500 in nokia mobile browser. and it doesn't give me a specific part of the code that produces the error.

but i'm guessing the sql statement.
gil davis
10-16-2003, 10:48 AM
500 is an internal server error.
montyburns
10-17-2003, 05:01 AM
I'd imagine it's because you're doing a redirect to localhost? Any remote computer surely will fail when it tries to redirect to this?
piertiong
10-17-2003, 05:11 AM
i'm doing this on only one system, so i use local host.
rdoekes
10-18-2003, 02:26 PM
A couple things I noticed in your code:
1. You write HTTP headers and then you do a response.redirect. It is advicable to start you script with Response.Buffer = True. And at the end of your code Response.Flush
2. Your connection to the database and the recordset is still open when you redirect. Better is to do the following:
If Not rs.EOF Then
rs.Close
conn.Close
Set rs = Nothing
Set conn = Nothing
Response.Redirect "etc...."
Else
etc.
End If
3. You mention an ID and the field name in your db table is userID, which to me indicates a numeric field. But you handle the userid value as a text?
4. You use a querystring to pass login information. As a user, I do not want to see the password I entered come back in a querystring. Use the post method instead, and try to protect it with secure layers if this is real production.

What you could do is put error handling on, and trap each line of code with a error trapping routine

Sub TrapError()
If err.Number <> 0 Then
Response.Write Err.Number & ": " & Err.Description
Response.End
End If
End Sub

And call this routine after each relevant line of code:
-Open connection
- Open recordset
- Redirect

Hope this helps,

-Rogier Doekes