Checking DB content against form data

Hi,
I'm working on a page that will check a database for a unique record containing EVERY one of the four elements that were submitted to the page through an HTML form.

If the record is located, the ASP variable "SecurityCheck" should change from 0 to 1.

Hi joestmc,

Consider:

(1) using OLEDB instead of Access Driver

(2) using an ADOCMD instead of a plain SQL statement

(3) using and validating (!) your variables ( sProctorID,...) instead of concatenating
      the - untested - content of your form elements into the SQL statement

(4) a statement like

          SELECT COUNT( ProctorID ) WHERE ProctorID = ? AND ...

     and setting SecurityCheck according to rsTest.Fields( 0 ).Value

Good luck!

ehvbs

 

Here's the latest version of the code.  It's coming together well, thank you for your feedback:
_______________________________
<%@ Language=VBScript %>
<%

dim adoConn
dim rsTest
dim strSQL
dim sProctorID
dim sProctorPW
dim sLMSCourseCode
dim sStudentID
dim sSecurityCheck

sProctorID=Request.form("ProctorID")
sProctorPW=Request.form("ProctorPW")
sLMSCourseCode=Request.form("LMSCourseCode")
sStudentID=Request.form("StudentID")
sSecurityCheck=0

Set adoConn = Server.CreateObject("ADODB.Connection")
adoConn.Open "DBQ=" & Server.Mappath("ProtcorDB.mdb") & ";Driver={Microsoft Access Driver (*.mdb)};"
 
strSQL = "select Count* From RequestRecords
where ProctorID = sProctorID AND
ProctorPW = sProctorPW AND
LMSCourseCode = sLMSCourseCode AND
StudentID = sStudentID;
"
Set rsTest = Conn.Execute(strSQL)
if rsTest.eof then
    sSecurityCheck=0
if else
rsTest(0)=0 then sSecurityCheck=0
else
rsTest(0).>0 then  sSecurityCheck=1

adoConn.Close
Set adoConn = Nothing
%>

Hi joestmc,

you are welcome. I trust that you'll post a revised version of code, as
soon as you have dealt with the syntax errors (SQL and VBScript).

Regards

ehvbs

Is that to say that you see errors (VB & SQL) in the code in it's current form?

I haven't started testing this yet, so I can't speak to how it is or isn't working but I appreciate any advice regarding errors that you see in that code.

Please let me know what you see errors or weaknesses.

Hi joestmc,

think about:

  (1) validating the user input

  (2) syntax of "select count"

  (3) syntax of if ... then ... else

  (4) the "." operator

Good luck!

ehvbs