Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > ASP (not .net) 1.1

Reply
Thread Tools

ASP (not .net) 1.1

 
 
aspquerrier
Guest
Posts: n/a
 
      11-22-2008
Hi, I have a question on ASP (not .NET) I need (due to a strange ASP page
design I am modifying) to pass a value from the querystring (which is
received from the URL calling the form) to a HTML Submit input box so that it
will be passed on to the form itself in a secondary iteration (the form is
used as submitting to itself with many other values in user typed input
fields which are passed succesfully). If I try to pass the querystring to a
variable, and read the variable, it is empty after the user clicks 'submit'.
So the question is, how does one programmatically populate a HTML text field
with a value from the quesrystring (URL)? or, how does one programmatically
pass a querystring value to the form itself if it submits to itself?
Thanks
 
Reply With Quote
 
 
 
 
Jeff Dillon
Guest
Posts: n/a
 
      11-22-2008
You could save it into a Session variable

Jeff

"aspquerrier" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hi, I have a question on ASP (not .NET) I need (due to a strange ASP page
> design I am modifying) to pass a value from the querystring (which is
> received from the URL calling the form) to a HTML Submit input box so that
> it
> will be passed on to the form itself in a secondary iteration (the form is
> used as submitting to itself with many other values in user typed input
> fields which are passed succesfully). If I try to pass the querystring to
> a
> variable, and read the variable, it is empty after the user clicks
> 'submit'.
> So the question is, how does one programmatically populate a HTML text
> field
> with a value from the quesrystring (URL)? or, how does one
> programmatically
> pass a querystring value to the form itself if it submits to itself?
> Thanks



 
Reply With Quote
 
 
 
 
Evertjan.
Guest
Posts: n/a
 
      11-22-2008
=?Utf-8?B?YXNwcXVlcnJpZXI=?= wrote on 22 nov 2008 in
microsoft.public.inetserver.asp.general:

> Hi, I have a question on ASP (not .NET) I need (due to a strange ASP
> page design I am modifying) to pass a value from the querystring
> (which is received from the URL calling the form) to a HTML Submit
> input box so that it will be passed on to the form itself in a
> secondary iteration (the form is used as submitting to itself with
> many other values in user typed input fields which are passed
> succesfully). If I try to pass the querystring to a variable, and read
> the variable, it is empty after the user clicks 'submit'. So the
> question is, how does one programmatically populate a HTML text field
> with a value from the quesrystring (URL)? or, how does one
> programmatically pass a querystring value to the form itself if it
> submits to itself? Thanks


<input value='<%=request.querystring("myValue")%>' name='myValue'>

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
aspquerrier
Guest
Posts: n/a
 
      11-23-2008
Thanks it worked beautifully.
Still, I don't understand why just trying to use the request.querystring
didn't work just before the submit to self part. It does work in the earlier
part of the form but later the same statement gives a blank value. (What I
originally tried to do was simly to do this:
<FORM METHOD="post" ACTION="https:/website.com/page.asp?prm=" &
request.querystring("prmname")
I also tried to pass its value to a variable in the early part but the
variable was empty when reaching the above code.

But between the two statements there are alternating html and asp sections,
perhaps variables and the querystring don't keep values between these?
I'd prefer to do it with a variable because it seems more secure than a
hidden textbox.

Thanks again
"Evertjan." wrote:

> =?Utf-8?B?YXNwcXVlcnJpZXI=?= wrote on 22 nov 2008 in
> microsoft.public.inetserver.asp.general:
>
> > Hi, I have a question on ASP (not .NET) I need (due to a strange ASP
> > page design I am modifying) to pass a value from the querystring
> > (which is received from the URL calling the form) to a HTML Submit
> > input box so that it will be passed on to the form itself in a
> > secondary iteration (the form is used as submitting to itself with
> > many other values in user typed input fields which are passed
> > succesfully). If I try to pass the querystring to a variable, and read
> > the variable, it is empty after the user clicks 'submit'. So the
> > question is, how does one programmatically populate a HTML text field
> > with a value from the quesrystring (URL)? or, how does one
> > programmatically pass a querystring value to the form itself if it
> > submits to itself? Thanks

>
> <input value='<%=request.querystring("myValue")%>' name='myValue'>
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)
>

 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      11-23-2008
=?Utf-8?B?YXNwcXVlcnJpZXI=?= wrote on 23 nov 2008 in
microsoft.public.inetserver.asp.general:

> "Evertjan." wrote:
>> <input value='<%=request.querystring("myValue")%>' name='myValue'>


[Please do not toppost and quote signatures on usenet]

> Thanks it worked beautifully.


> Still, I don't understand why just trying to use the
> request.querystring didn't work just before the submit to self part.
> It does work in the earlier part of the form but later the same
> statement gives a blank value. (What I originally tried to do was
> simly to do this: <FORM METHOD="post"
> ACTION="https:/website.com/page.asp?prm=" &
> request.querystring("prmname")


You are doing a form-post and a de facto form-get at the same time.
This "works" somewhat but there is not much sense in it.

> I also tried to pass its value to a
> variable in the early part but the variable was empty when reaching
> the above code.


in sound code that is not possible,
a serverside variable does not loose it's value just by accident.

> But between the two statements there are alternating html and asp
> sections, perhaps variables and the querystring don't keep values
> between these?


No.

> I'd prefer to do it with a variable because it seems
> more secure than a hidden textbox.


Sorry, I do not understand what you mean,
this perhaps:

<%
temp = request.querystring("myValue")
%>
<input value='<%=temp %>' name='myValue'>

That is not more secure. If you send a variable value to the client,
that value is NOT and NEVER secure.

Do you bychance mean a [serverside, of course] session variable?

If you send the value of a session variable to the client,
also that is not secure.

A session variable value in itself is secure on the server!

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
Daniel Crichton
Guest
Posts: n/a
 
      11-24-2008
Evertjan. wrote on 22 Nov 2008 20:18:12 GMT:

> =?Utf-8?B?YXNwcXVlcnJpZXI=?= wrote on 22 nov 2008 in
> microsoft.public.inetserver.asp.general:


>> Hi, I have a question on ASP (not .NET) I need (due to a strange ASP
>> page design I am modifying) to pass a value from the querystring
>> (which is received from the URL calling the form) to a HTML Submit
>> input box so that it will be passed on to the form itself in a
>> secondary iteration (the form is used as submitting to itself with
>> many other values in user typed input fields which are passed
>> succesfully). If I try to pass the querystring to a variable, and
>> read the variable, it is empty after the user clicks 'submit'. So the
>> question is, how does one programmatically populate a HTML text field
>> with a value from the quesrystring (URL)? or, how does one
>> programmatically pass a querystring value to the form itself if it
>> submits to itself? Thanks


> <input value='<%=request.querystring("myValue")%>' name='myValue'>


I would highly recommend not doing that. At the very least do some basic
handling of the querystring value:

<input value='<%=server.htmlencode(request.querystring("m yValue"))%>'
name='myValue'>

Without the server.htmlencode call the browser can pass HTML or script code
into the page and have it rendered within the page on the site, leaving
visitors who follow a malicious link open to potential risk. For instance,
with very little in the value the link could close the form and then open a
new one, so that the form contents are sent to an entirely different server
than the visitor expected.

--
Dan


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
global filter to redirect asp (old asp!) pages on asp.net site Daves ASP .Net 2 05-31-2006 08:33 AM
2.0: asp:Menu, asp:XmlDataSource, asp:PlaceHolder R.A.M. ASP .Net 1 03-29-2006 07:55 AM
[ASP.NET1.1]Should I kill the ASP.NET worker process after recompilingmy ASP.NET webservice? Andrea Raimondi ASP .Net 1 02-06-2006 08:10 AM
ASP.Net cookie -> ASP -> ASP.Net Ben ASP .Net 3 05-28-2004 03:35 PM
LOOP through an ASP form's pages (not ASP.NET - ASP classic) David A. Beck ASP General 10 04-13-2004 05:38 PM



Advertisments