I have a problem in this line of code:
myCommands = New OdbcCommand("select * from customer where uname='" + Session("user") + "'", myConnections)
my goal here is to display all the user's information in a page tab, but it only shows a blank page.
Posting my comment as an answer:
myCommands = New OdbcCommand("select * from customer where lower(uname) = lower(#user)"), myConnections);
myCommands.Parameters.Add("#user", OdbcDbType.NVarChar).Value = Session["user"].ToString();
This solved a problem.
Related
sorry, I am a very amateur programmer - I am trying to solve a problem with customers placing an order...
....how to reset REQUEST.COOKIES("user")
after placing an order the thank you page - using this code
Dim pay_status, c_id
pay_status = "yes"`
c_id = REQUEST.COOKIES("user")
Query = "Select * FROM orders WHERE cust_id ='" & c_id & "'"
Set record = Connection.Execute(Query)
c_id = ""
if the customer keeps the browser open and places a new order it will add the items from previous order.
I am thinking if I can reset the REQUEST.COOKIES("user") it will solve the problem. using c_id = "" did not work. thanks for any help!
To manipulate cookies use the response object.
To remove the cookie:
Response.Cookies("user").Expires = DateAdd("d",-1,Now())
To set a new value:
Response.Cookies("user") = newval
I don’t think it makes sense to change the userid when an order has been placed, but that’s another discussion.
I am creating a reset password procedure. this way:
1- Send reset email to the user (whom forgot his/her password), and this email contain a link to this address:
http://www.example.com/resetpassword.php?userid=1b2798bad6ee465d967cdb71ced504f7
The value of the parameter [userid] is generated by this PHP code:
<?php
md5($row_Recordset2['userID'].date('d-m-Y'));
?>
Note: I did this so that I can get a unique parameter value containing: The MD5 hash of the real user id + the current date (concatenation) , Why? so the link in the email will be available for the current date only. I do not want that link to work in the next day.
2- When the person click on the above link, he/she will be taken to the page [resetpassword.php]
3- In the page [resetpassword.php] page I have this piece of code:
$colname_Recordset1 = "-1";
if (isset($_GET['userid'])) {
$colname_Recordset1 = $_GET['userid'];
}
mysql_select_db($database_aaa_database, $aaa_database);
$query_Recordset1 = sprintf("SELECT * FROM users WHERE md5(CONCAT(userID,
DATE_FORMAT(NOW(),'%d-%m-%Y'))) = %s ", GetSQLValueString($colname_Recordset1,
"text"));
$Recordset1 = mysql_query($query_Recordset1, $aaa_database) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
The SELECT statement return [Query was empty] ... What is the problem and how to solve it?
I have tested this MySQL statement manually:
SELECT userFirstName, md5(CONCAT(userID, DATE_FORMAT(NOW(),'%d-%m-%Y'))) from users
And it return many rows, one of the rows is like this:
Sam 1b2798bad6ee465d967cdb71ced504f7
So, the:
md5(CONCAT(userID, DATE_FORMAT(NOW(),'%d-%m-%Y')))
works fine and it return the same exact value generated by the PHP code :
<?php
md5($row_Recordset2['userID'].date('d-m-Y'));
?>
PHP give: 1b2798bad6ee465d967cdb71ced504f7
MySQL give: 1b2798bad6ee465d967cdb71ced504f7
But this:
md5(CONCAT(userID, DATE_FORMAT(NOW(),'%d-%m-%Y')))
seems to be NOT WORKING in the WHERE clause:
sprintf("SELECT * FROM users WHERE md5(CONCAT(userID,
DATE_FORMAT(NOW(),'%d-%m-%Y'))) = %s ", GetSQLValueString($colname_Recordset1,
"text"));
By the way, I am using Dreamweaver.
I don't know how to solve this problem. Any help will be highly appreciated.
Ignore this to get to the main problem, below is only the idea
Scenario: I am making a total Private Messaging system in Visual Basic.
Trying: I want to make an Inbox for the users. The messages will be retrieved from the MySQL database and shown in small custom Grid made with Panel(Type of Control from Visual basic) for each message which will be clickable which is when clicked, the whole message will be shown.
Did so far: Not too much though(Talking about the Inbox.), I only wrote the MySQL query.
I will make the Sending and Reading PM after the Inbox as Inbox seems more complex than the other two things.
I really want to know how can this be achieved. I searched around almost everywhere, either it was for PHP and web based or nothing. I want to know how to dynamically create controls like panels and the labels and show the PMs. Is there any other way to do this rather than showing the PMs in DataGridView ? (I really don't want to use that as it's not what I want.)
For reference: The custom Grid is something like this:
The MySQL PM table:
PMId - The ID for the message (Auto Incremented)
Sender_Name - The person sending the message
Receiver_Name - The person receiving the message
Subject - The subject of the message
Date_Sent - Date on which the message was sent
PM_Read - If the PM has been read (0 for not read, 1 for read)
Deleted - If the PM has been deleted (0 for not deleted, 1 for deleted)
Look at the code-behind for a built form and you will see how to create controls at run-time. For example, I created a form, added a panel with a button and label and this is the code created in the designer:
Private Sub InitializeComponent()
Me.Button1 = New System.Windows.Forms.Button()
Me.Label1 = New System.Windows.Forms.Label()
Me.Panel1 = New System.Windows.Forms.Panel()
Me.Panel1.SuspendLayout()
Me.SuspendLayout()
'
'Button1
'
Me.Button1.Location = New System.Drawing.Point(3, 3)
Me.Button1.Name = "Button1"
Me.Button1.Size = New System.Drawing.Size(75, 23)
Me.Button1.TabIndex = 0
Me.Button1.Text = "Button1"
Me.Button1.UseVisualStyleBackColor = True
'
'Label1
'
Me.Label1.AutoSize = True
Me.Label1.Location = New System.Drawing.Point(3, 29)
Me.Label1.Name = "Label1"
Me.Label1.Size = New System.Drawing.Size(39, 13)
Me.Label1.TabIndex = 1
Me.Label1.Text = "Label1"
'
'Panel1
'
Me.Panel1.Controls.Add(Me.Button1)
Me.Panel1.Controls.Add(Me.Label1)
Me.Panel1.Location = New System.Drawing.Point(12, 12)
Me.Panel1.Name = "Panel1"
Me.Panel1.Size = New System.Drawing.Size(198, 69)
Me.Panel1.TabIndex = 2
'
'Form1
'
Me.AutoScaleDimensions = New System.Drawing.SizeF(6.0!, 13.0!)
Me.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font
Me.ClientSize = New System.Drawing.Size(284, 262)
Me.Controls.Add(Me.Panel1)
Me.Name = "Form1"
Me.Text = "Form1"
Me.Panel1.ResumeLayout(False)
Me.Panel1.PerformLayout()
Me.ResumeLayout(False)
End Sub
Friend WithEvents Button1 As System.Windows.Forms.Button
Friend WithEvents Label1 As System.Windows.Forms.Label
Friend WithEvents Panel1 As System.Windows.Forms.Panel
You can do the same thing at run-time.
Dim iTop As Int32 = 5
For Each DR As DataRow In DT.Rows
Dim pnl As New Panel
pnl.Location = New System.Drawing.Point(12, iTop)
pnl.Size = New System.Drawing.Size(198, 40)
Dim lbl As New Label
lbl.Location = New System.Drawing.Point(3, 3)
lbl.Size = New System.Drawing.Size(39, 13)
lbl.Text = DR("Some field from your table")
'Add to panel
pnl.Controls.Add(lbl)
'Add to Form
Me.Controls.Add(pnl)
'Add to the top location so the next set of controls are not on top of the old ones
iTop += 50
Next
First, I quite apologize to you for my poor English (cause I'm french).
My problem is that, I need to recover some data like server IP, user name and password witch was get back by the user in some input on submit and use these data for change the connectionString witch is in web.config. But I don't know how to do.
I hope to have been clear and thank you in advance for your help.
Well, after a lot of search and work, I have chose to change my connectionString like it:
#{
Layout = "~/_Layout.cshtml";
Page.Title = "Dossier Racine";
var srv = Request.QueryString["server"];
var usr = Request.QueryString["username"];
var pwd = Request.QueryString["password"];
var db = Database.OpenConnectionString("server="+srv+";database=ReportServer;uid="+usr+";pwd="+pwd+"","System.Data.SqlClient");
var sqlFile = " SELECT *"
+ " FROM Catalog";
var selectedData = db.Query(sqlFile);
}
For example, user wants to search the movie database, by director's last name, so the user will type in Smith and then in the drop down menu will choose Director's Last Name. I just need to know how to get the post variables into the SELECT --> WHERE function
$columnsch = $_POST["columnsearch"];
$contentsch = $_POST["contentsearch"];
$result = mysql_query("SELECT * FROM movies WHERE $columnsch ='$contentsch'");
if (!$result) {
die ("Database Query Failed: ".mysql_error());
I know the above code is incorrect but it gives the general idea of what I want to achieve.
Zdravko, Im really new to this, Im not sure where your lines of code for example the sql would fit in with what I have.
you can do 2 things: first is to generate the sql based on the search criteria:
sql = sql + 'WHERE ' + SearchField + ' = "'+ SearchValue + '";'
the other is to write sql like this:
WHERE (#SearchField = 'Director' and Ditector = #SearchValue)
OR (#SerarchField = 'Star' and Star = #SearchValue)
....