Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > redirect if record already exists in database

Reply
Thread Tools

redirect if record already exists in database

 
 
Jim in Arizona
Guest
Posts: n/a
 
      01-05-2005
I'm wanting to do a simple controlled voting page. I too our webserver off
anonymous and everyone who accesses the website is a domain authenticated
user. I've already done some control structure pages based on
Request.ServerVariables("AUTH_USER"), which works great. That's also how I
would do this page, in my basic thinking.

My idea is to have an access database with two tables. One table will have
the vote written to it and the other table will have the AUTH_USER written
to it when the employee casts their vote. I'm wondering how I would do a
test against that table to see if their name has already been written to the
table. So, if an employee votes already, when they go to vote again, their
user logon would be tested against all entries in the table and if it
exists, the vote would not be written and they would be redirected to
another page that politely tells them they've already voted.

I'm hoping there is an easy answer for this.

Thanks,
Jim


 
Reply With Quote
 
 
 
 
Jeff Cochran
Guest
Posts: n/a
 
      01-06-2005
On Wed, 5 Jan 2005 13:59:28 -0700, "Jim in Arizona"
<(E-Mail Removed)> wrote:

>I'm wanting to do a simple controlled voting page. I too our webserver off
>anonymous and everyone who accesses the website is a domain authenticated
>user. I've already done some control structure pages based on
>Request.ServerVariables("AUTH_USER"), which works great. That's also how I
>would do this page, in my basic thinking.
>
>My idea is to have an access database with two tables. One table will have
>the vote written to it and the other table will have the AUTH_USER written
>to it when the employee casts their vote. I'm wondering how I would do a
>test against that table to see if their name has already been written to the
>table. So, if an employee votes already, when they go to vote again, their
>user logon would be tested against all entries in the table and if it
>exists, the vote would not be written and they would be redirected to
>another page that politely tells them they've already voted.
>
>I'm hoping there is an easy answer for this.


Do a SELECT from the authorization table WHERE the user column is
equal to AUTH_USER, then branch on whether it's null. Or just us an
IF EXISTS in your query if your database supports that and do the
entire thing in a single query. Books Online has examples if you use
SQL Server.

Jeff
 
Reply With Quote
 
 
 
 
Jim in Arizona
Guest
Posts: n/a
 
      01-06-2005
I'm using an access 2K database.

I'm trying to do what you suggested but I'm running into some trouble. I'm
getting this error:

a.. Error Type:
Microsoft VBScript runtime (0x800A01A
Object required: 'SELECT * from voting'
/castvote.asp, line 17

Here's my code:

------------------------- castvote.asp-----------------------------

Dim empname, Conn, SQL1

empname = Request.ServerVariables("AUTH_USER")

Set Conn = Server.CreateObject("ADODB.Connection")
Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
server.mappath("eoty.mdb")

SQL1 = "SELECT * from votingemp where(voter = '" & empname & "')"

Conn.Execute SQL1,,129

'Response.Write(SQL1)

Response.Write(SQL1.Fields("voter"))

-------------------------------- end asp -----------------------------

When I comment out the Response.Write(SQL1.Fields("voter")) and uncomment
the Response.Write(SQL1), I get this SQL Statement:

SELECT * from votingemp where(voter = 'DOMAIN\jim')

I tested that statement in access and it worked fine.

Line 17 is Response.Write(SQL1.Fields("voter"))


My plan, if this was working, was to place the result of the
Response.Write(SQL1.Fields("voter")) into a variable like so:

testvariable = Response.Write(SQL1.Fields("voter"))

Then do some branching off of that like so:

If testvariable = empname Then
Response.Write("You already voted")
Else
VoteDB Insert string Here
End If

Am I heading in the right direction?

Thanks,
Jim






"Jeff Cochran" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Wed, 5 Jan 2005 13:59:28 -0700, "Jim in Arizona"
> <(E-Mail Removed)> wrote:
>
>>I'm wanting to do a simple controlled voting page. I too our webserver off
>>anonymous and everyone who accesses the website is a domain authenticated
>>user. I've already done some control structure pages based on
>>Request.ServerVariables("AUTH_USER"), which works great. That's also how I
>>would do this page, in my basic thinking.
>>
>>My idea is to have an access database with two tables. One table will have
>>the vote written to it and the other table will have the AUTH_USER written
>>to it when the employee casts their vote. I'm wondering how I would do a
>>test against that table to see if their name has already been written to
>>the
>>table. So, if an employee votes already, when they go to vote again, their
>>user logon would be tested against all entries in the table and if it
>>exists, the vote would not be written and they would be redirected to
>>another page that politely tells them they've already voted.
>>
>>I'm hoping there is an easy answer for this.

>
> Do a SELECT from the authorization table WHERE the user column is
> equal to AUTH_USER, then branch on whether it's null. Or just us an
> IF EXISTS in your query if your database supports that and do the
> entire thing in a single query. Books Online has examples if you use
> SQL Server.
>
> Jeff



 
Reply With Quote
 
Chris Hohmann
Guest
Posts: n/a
 
      01-06-2005
"Jim in Arizona" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Jeff Cochran" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > On Wed, 5 Jan 2005 13:59:28 -0700, "Jim in Arizona"
> > <(E-Mail Removed)> wrote:
> >
> >>I'm wanting to do a simple controlled voting page. I too our webserver

off
> >>anonymous and everyone who accesses the website is a domain

authenticated
> >>user. I've already done some control structure pages based on
> >>Request.ServerVariables("AUTH_USER"), which works great. That's also how

I
> >>would do this page, in my basic thinking.
> >>
> >>My idea is to have an access database with two tables. One table will

have
> >>the vote written to it and the other table will have the AUTH_USER

written
> >>to it when the employee casts their vote. I'm wondering how I would do a
> >>test against that table to see if their name has already been written to
> >>the
> >>table. So, if an employee votes already, when they go to vote again,

their
> >>user logon would be tested against all entries in the table and if it
> >>exists, the vote would not be written and they would be redirected to
> >>another page that politely tells them they've already voted.
> >>
> >>I'm hoping there is an easy answer for this.

> >
> > Do a SELECT from the authorization table WHERE the user column is
> > equal to AUTH_USER, then branch on whether it's null. Or just us an
> > IF EXISTS in your query if your database supports that and do the
> > entire thing in a single query. Books Online has examples if you use
> > SQL Server.
> >
> > Jeff

>
> I'm using an access 2K database.
>
> I'm trying to do what you suggested but I'm running into some trouble. I'm
> getting this error:
>
> a.. Error Type:
> Microsoft VBScript runtime (0x800A01A
> Object required: 'SELECT * from voting'
> /castvote.asp, line 17
>
> Here's my code:
>
> ------------------------- castvote.asp-----------------------------
>
> Dim empname, Conn, SQL1
>
> empname = Request.ServerVariables("AUTH_USER")
>
> Set Conn = Server.CreateObject("ADODB.Connection")
> Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
> server.mappath("eoty.mdb")
>
> SQL1 = "SELECT * from votingemp where(voter = '" & empname & "')"
>
> Conn.Execute SQL1,,129
>
> 'Response.Write(SQL1)
>
> Response.Write(SQL1.Fields("voter"))
>
> -------------------------------- end asp -----------------------------
>
> When I comment out the Response.Write(SQL1.Fields("voter")) and uncomment
> the Response.Write(SQL1), I get this SQL Statement:
>
> SELECT * from votingemp where(voter = 'DOMAIN\jim')
>
> I tested that statement in access and it worked fine.
>
> Line 17 is Response.Write(SQL1.Fields("voter"))
>
>
> My plan, if this was working, was to place the result of the
> Response.Write(SQL1.Fields("voter")) into a variable like so:
>
> testvariable = Response.Write(SQL1.Fields("voter"))
>
> Then do some branching off of that like so:
>
> If testvariable = empname Then
> Response.Write("You already voted")
> Else
> VoteDB Insert string Here
> End If
>
> Am I heading in the right direction?
>
> Thanks,
> Jim


Here are some observations:
1. SQL1 is a string, not a recordset object. You need to declare a recordset
object and assign it to the return value of the Conn.Execute call.

2. Please consider explicitly listing the columns in your SQL statement
instead of using "SELECT *". Here's an article that explains the benefits:
http://aspfaq.com/show.asp?id=2096

3. The parenthesis are unnecessary in the WHERE clause of your SQL
statement.

4. The third parameter in the Conn.Execute call is incorrect in this
context. The third parameter of the Execute method is the options parameter
which is a bitmask of command type and execution option values. 129
indicates a command type of text (1) which is correct plus an execution
option of "no records" (12 which is incorrect. So the value of the option
parameter should simply be 1. This is all outlined in the Connection.Execute
method documentation:
http://www.msdn.microsoft.com/librar...cnnexecute.asp

5. When dynamically constructing SQL statements, you should take steps to
validate the input. This includes but is not limited to escaping
apostrophes. In the alternative, you may want to consider avoiding dynamic
sql entirely by using a parameterized query.

6. Before attempting to access the recordset object, you should verify that
data was returned by inspecting the Recordset.EOF property.

7. The Response.Write method is a statement, not a function so you don't
need to use parenthesis when making the call.

8. Please consider closing/deallocating objects after your done with them.
Here's an article that explains why:
http://aspfaq.com/show.asp?id=2435

9. The quoted text of this reply has been reordered to preserve the flow of
the thread. When posting replies please consider placing them below the
quoted text or inline.

Here's a revision of your code with a number of the above observations
applied:

<%
Dim empname, Conn, rs, SQL1

empname = Request.ServerVariables("AUTH_USER")

Set Conn = Server.CreateObject("ADODB.Connection")
Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
server.mappath("eoty.mdb")

SQL1 = "SELECT voter from votingemp where voter = '" &
Replace(empname,"'","''") & "'"
Set rs = Conn.Execute(SQL1,,1)

'Response.Write(SQL1)
If rs.EOF Then
Response.Write "Record not found"
Else
Response.Write rs.Fields("voter")
End If

rs.Close : Set rs = Nothing
Conn.Close : Set Conn=Nothing
%>

HTH
-Chris Hohmann



 
Reply With Quote
 
Jim in Arizona
Guest
Posts: n/a
 
      01-06-2005

"Chris Hohmann" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Jim in Arizona" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> "Jeff Cochran" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>> > On Wed, 5 Jan 2005 13:59:28 -0700, "Jim in Arizona"
>> > <(E-Mail Removed)> wrote:
>> >
>> >>I'm wanting to do a simple controlled voting page. I too our webserver

> off
>> >>anonymous and everyone who accesses the website is a domain

> authenticated
>> >>user. I've already done some control structure pages based on
>> >>Request.ServerVariables("AUTH_USER"), which works great. That's also
>> >>how

> I
>> >>would do this page, in my basic thinking.
>> >>
>> >>My idea is to have an access database with two tables. One table will

> have
>> >>the vote written to it and the other table will have the AUTH_USER

> written
>> >>to it when the employee casts their vote. I'm wondering how I would do
>> >>a
>> >>test against that table to see if their name has already been written
>> >>to
>> >>the
>> >>table. So, if an employee votes already, when they go to vote again,

> their
>> >>user logon would be tested against all entries in the table and if it
>> >>exists, the vote would not be written and they would be redirected to
>> >>another page that politely tells them they've already voted.
>> >>
>> >>I'm hoping there is an easy answer for this.
>> >
>> > Do a SELECT from the authorization table WHERE the user column is
>> > equal to AUTH_USER, then branch on whether it's null. Or just us an
>> > IF EXISTS in your query if your database supports that and do the
>> > entire thing in a single query. Books Online has examples if you use
>> > SQL Server.
>> >
>> > Jeff

>>
>> I'm using an access 2K database.
>>
>> I'm trying to do what you suggested but I'm running into some trouble.
>> I'm
>> getting this error:
>>
>> a.. Error Type:
>> Microsoft VBScript runtime (0x800A01A
>> Object required: 'SELECT * from voting'
>> /castvote.asp, line 17
>>
>> Here's my code:
>>
>> ------------------------- castvote.asp-----------------------------
>>
>> Dim empname, Conn, SQL1
>>
>> empname = Request.ServerVariables("AUTH_USER")
>>
>> Set Conn = Server.CreateObject("ADODB.Connection")
>> Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
>> server.mappath("eoty.mdb")
>>
>> SQL1 = "SELECT * from votingemp where(voter = '" & empname & "')"
>>
>> Conn.Execute SQL1,,129
>>
>> 'Response.Write(SQL1)
>>
>> Response.Write(SQL1.Fields("voter"))
>>
>> -------------------------------- end asp -----------------------------
>>
>> When I comment out the Response.Write(SQL1.Fields("voter")) and uncomment
>> the Response.Write(SQL1), I get this SQL Statement:
>>
>> SELECT * from votingemp where(voter = 'DOMAIN\jim')
>>
>> I tested that statement in access and it worked fine.
>>
>> Line 17 is Response.Write(SQL1.Fields("voter"))
>>
>>
>> My plan, if this was working, was to place the result of the
>> Response.Write(SQL1.Fields("voter")) into a variable like so:
>>
>> testvariable = Response.Write(SQL1.Fields("voter"))
>>
>> Then do some branching off of that like so:
>>
>> If testvariable = empname Then
>> Response.Write("You already voted")
>> Else
>> VoteDB Insert string Here
>> End If
>>
>> Am I heading in the right direction?
>>
>> Thanks,
>> Jim

>
> Here are some observations:
> 1. SQL1 is a string, not a recordset object. You need to declare a
> recordset
> object and assign it to the return value of the Conn.Execute call.
>
> 2. Please consider explicitly listing the columns in your SQL statement
> instead of using "SELECT *". Here's an article that explains the benefits:
> http://aspfaq.com/show.asp?id=2096
>
> 3. The parenthesis are unnecessary in the WHERE clause of your SQL
> statement.
>
> 4. The third parameter in the Conn.Execute call is incorrect in this
> context. The third parameter of the Execute method is the options
> parameter
> which is a bitmask of command type and execution option values. 129
> indicates a command type of text (1) which is correct plus an execution
> option of "no records" (12 which is incorrect. So the value of the
> option
> parameter should simply be 1. This is all outlined in the
> Connection.Execute
> method documentation:
> http://www.msdn.microsoft.com/librar...cnnexecute.asp
>
> 5. When dynamically constructing SQL statements, you should take steps to
> validate the input. This includes but is not limited to escaping
> apostrophes. In the alternative, you may want to consider avoiding dynamic
> sql entirely by using a parameterized query.
>
> 6. Before attempting to access the recordset object, you should verify
> that
> data was returned by inspecting the Recordset.EOF property.
>
> 7. The Response.Write method is a statement, not a function so you don't
> need to use parenthesis when making the call.
>
> 8. Please consider closing/deallocating objects after your done with them.
> Here's an article that explains why:
> http://aspfaq.com/show.asp?id=2435
>
> 9. The quoted text of this reply has been reordered to preserve the flow
> of
> the thread. When posting replies please consider placing them below the
> quoted text or inline.
>
> Here's a revision of your code with a number of the above observations
> applied:
>
> <%
> Dim empname, Conn, rs, SQL1
>
> empname = Request.ServerVariables("AUTH_USER")
>
> Set Conn = Server.CreateObject("ADODB.Connection")
> Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &
> server.mappath("eoty.mdb")
>
> SQL1 = "SELECT voter from votingemp where voter = '" &
> Replace(empname,"'","''") & "'"
> Set rs = Conn.Execute(SQL1,,1)
>
> 'Response.Write(SQL1)
> If rs.EOF Then
> Response.Write "Record not found"
> Else
> Response.Write rs.Fields("voter")
> End If
>
> rs.Close : Set rs = Nothing
> Conn.Close : Set Conn=Nothing
> %>
>
> HTH
> -Chris Hohmann
>



Thanks Chris. That put me in the right direction. I think I can get
accomplished what I've set out to do.

It seems that I'm still trying to get it strait in my head on when and when
not to use parenthesis. I'll get it strait someday.

Thanks for your guidance. I'll put it to good use.

Jim


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Database Database Database Database scott93727@gmail.com Computer Information 0 09-27-2012 02:43 AM
DataBase DataBase DataBase DataBase scott93727@gmail.com Computer Information 0 09-26-2012 09:40 AM
finding if file exists or not in apache webdav server and if exists what is the mime type of it.... Totan Java 0 04-17-2006 05:13 AM
Detecting if a table in a database already exists ? Thorsten Meininger Java 1 10-12-2004 11:57 PM
Basic Q - Response.Redirect, all redirect to first Response.Redirect statement Sal ASP .Net Web Controls 1 05-15-2004 03:46 PM



Advertisments