Problem retrieving records from the database based on multiple form values in ASP? - PullRequest
0 votes
/ June 24, 2011

I cannot retrieve records from Oracle based on multiple inputs.

Here is my code:

Search.asp

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>SearchMDFnode</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head> 

<body bgcolor="#99CCFF">

<p align="center"><font color="#9966CC" size="5" face="Georgia, Times New Roman, Times, serif"><strong>Records</strong></font></p>
  <style>
    A:link {text-decoration: none;color: blue;}
    A:visited {text-decoration: none;}
    A:hover {text-decoration:underline; color: red;}
</style>
  <script>
    function updateDate(fname){
        var instDate = showModalDialog('upd_date.html','Select Date','dialogHeight:375px;dialogWidth:287px;status:no;resizable:no;help:no;');
        if (instDate == -1 || instDate == null){        
            alert("You did not select any date.")
            fname.focus()
        } else {
            fname.value = instDate
        }
    }
    function findNull(frm,tname,optnull,optorder){
        var nfname = optnull.value
        var ofname = optorder.value
        frm.action = "MDFnodeDisplayTable.asp?opt=" + tname + "&nfield=" + nfname + "&order=" + ofname
        frm.submit()
    }

</script>      

  <form name="SearchMDFnode" action="Display.asp?opt=MDFnode" method="post">
    <table width="68%" border="1" align="center" cellpadding="3" cellspacing="2">
    <table width="94%" border="1" align="center" cellpadding="3" cellspacing="2">
      <tr>
        <td width="19%">CCP_CODE</td>
        <td width="22%"><strong>
          <select name="CCP_CODE" id="select4" title="BLOCK_HOUSE">
            <option></option>
            <option>AM</option>
            <option>AR</option>
            <option>BD</option>
            <option>BP</option>
            <option>CG</option>
            <option>CT</option>
            <option>CY</option>
            <option>ES</option>
            <option>GL</option>
            <option>HG</option>
            <option>JE</option>
            <option>JR</option>
            <option>JW</option>
            <option>KT</option>
            <option>NT</option>
            <option>OC</option>
            <option>PL</option>
            <option>QT</option>
            <option>TB</option>
            <option>TP</option>
            <option>TS</option>
          </select>
        </strong></td>
        <td width="19%">NODE_SITE_ID</td>
        <td width="40%"><strong>
          <input name="NODE_SITE_ID" type="text" id="NODE_SITE_ID" size="10" maxlength="10" title="NODE_SITE_ID(max 7 digits)">
        </strong></td>
      </tr>
      <tr>
        <td>STREET_NAME</td>
        <td><strong>
          <input name="STREET_NAME" type="text" id="STREET_NAME" size="30" maxlength="30" title="STREET_NAME(max 30 digits)">
        </strong></td>
        <td>BUILDING_NAME</td>
        <td><strong>
          <input name="BUILDING_NAME" type="text" id="BUILDING_NAME" size="25" maxlength="25" title="BUILDING_NAME(max 7 digits)">
        </strong></td>
      </tr>
      <tr>
        <td height="38">BLOCK_HOUSE</td>
        <td><strong>
          <select name="BLOCK_HOUSE" id="select3" title="BLOCK_HOUSE">
            <option></option>
            <option>BLOCK</option>
            <option>HOUSE</option>
          </select>
        </strong></td>
        <td>BLOCK_DESC_NO</td>
        <td><strong>
          <input name="BLOCK_DESC_NO" type="text" id="BLOCK_DESC_NO" size="6" maxlength="6" title="BLOCK_DESC_NO(max 6 digits)">
        </strong></td>
      </tr>
      <tr>
        <td>REMARK</td>
        <td><strong>
          <input name="REMARK" type="text" id="REMARK" size="50" maxlength="50" title="REMARK(max 50 char)">
        </strong></td>
        <td>EQ_RM</td>
        <td><strong>
          <input name="EQ_RM" type="text" id="EQ_RM" size="3" maxlength="3" title="EQ_RM(max 6 digits)">
        </strong></td>
      </tr>
      <tr>
        <td>TYPE</td>
        <td><strong>
          <select name="EQ_TY" id="select" title="EQ_TY">
            <option>CE</option>
            <option></option>
          </select>
        </strong></td>
        <td>CE_TY</td>
        <td><strong>
          <input name="CE_TY" type="text" id="CE_TY" size="10" maxlength="10" title="CE_TY(max 6 digits)">
        </strong></td>
      </tr>
      <tr>
        <td height="32">STATUS</td>
        <td><strong>
          <select name="STATUS" id="select2" title="EQ_TY">
            <option></option>
            <option>-</option>
            <option>Site Survey</option>
            <option>Survey Done</option>
            <option>Document Sent</option>
            <option>Equipment Installed</option>
            <option>Commissioned</option>
            <option>Cancelled</option>
          </select>
        </strong></td>
        <td>NO</td>
        <td><strong>
          <input name="NO" type="text" id="NO" size="3" maxlength="3" title="NO (max 7 digits)">
          <input name="UNIT_DESC_NO" type="text" id="UNIT_DESC_NO" size="2" maxlength="2" title="UNIT_DESC_NO (max 1 digits)">
          <input name="NO_ME_CCTS" type="text" id="NO_ME_CCTS" size="2" maxlength="2" title="NO_ME_CCTS (max 2 digits)">
          <input name="Rack" type="text" id="Rack" size="2" maxlength="2" title="Rack (max 1 digits)">
          <input name="INSTALL_BY" type="text" id="INSTALL_BY" size="2" maxlength="2" title="INSTALL_BY (max 2 digits)">
        </strong></td>
      </tr>
  <td height="32"><font color="#000000" size="3" face="Georgia, Times New Roman, Times, serif">Order By</font></td>
      <td colspan="5"><select name="oMDFnode">
          <option value="STATUS">STATUS</option>
          <option value="NO">NO</option>
          <option value="CCP_CODE">CCP_CODE</option>
          <option value="CCP_CODE">NODE_SITE_ID</option>
        </select>
          <select name="orMDFnode" id="orMDFnode">
            <option value="NO">NO</option>
            <option value="STATUS">STATUS</option>
            <option value="CCP_CODE">CCP_CODE</option>
            <option value="CCP_CODE">NODE_SITE_ID</option>
          </select>
          <select name="ordMDFnode" id="ordMDFnode">
            <option value="CCP_CODE">NODE_SITE_ID</option>
            <option value="CCP_CODE">NO</option>
            <option value="CCP_CODE">STATUS</option>
            <option value="CCP_CODE">CCP_CODE</option>
        </select></td>
  </tr>
    </table>
    <p align="center">
      <input type="submit" name="Submit" value="Search">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    <input type="reset" name="reset" value="Clear">
    </p>
  </form>
  <form name="commNull" method="post">
      <tr> 
        <td height="56" colspan="4"><div align="center">
          </div></td>
    </tr>
  </form> 
</body>
</html>

Display.asp

<%  option explicit %>
<!-- METADATA TYPE = "typelib" File = "c:\Program Files\Common Files\System\ado\msado15.dll" -->
  <%
    dim strTitle
    dim strF, fname, ropt, j, i, sno, ropt1
    dim objRS, strQuery, strConn, strSort,strQuery1 
    dim strHref
    dim nodesiteid
    'dim eq_ty

   'ropt1 = request("opt1")  
   ropt = request("opt")
   'eq_ty = request("EQ_TY")
   nodesiteid = request("NODE_SITE_ID")
   strQuery1 = request("NODE_SITE_ID")

    Set objRS = Server.CreateObject("ADODB.Recordset")
    strConn = "Provider=MSDAORA.1;Password=hr;User ID=hr;Data Source=xe;Persist Security Info=True"
    strSort = ""

     strF = "CCP_CODE, NODE_SITE_ID, STREET_NAME, BLOCK_HOUSE, BLOCK_DESC_NO, UNIT_DESC_NO, BUILDING_NAME, EQ_RM, EQ_TY, CE_TY , Rack, INSTALL_BY, STATUS, NO, RFS_DATE, REMARK, NO_ME_CCTS, NO_ME_CCTS"        'these were fields in sql table as well as input name in form
     fname= split(strF,",",-1,vbtextcompare)                'split the above string to individual field         

        if trim(strQuery1) ="" then 
            strQuery = "select rowid,CCP_CODE, NODE_SITE_ID, STREET_NAME, BLOCK_HOUSE, BLOCK_DESC_NO, UNIT_DESC_NO, BUILDING_NAME, EQ_RM, EQ_TY, CE_TY , Rack, INSTALL_BY, STATUS, NO, RFS_DATE, REMARK, NO_ME_CCTS from MDF_NODE where CCP_CODE = CCP_CODE"

        else
                strQuery = "select rowid,CCP_CODE, NODE_SITE_ID, STREET_NAME, BLOCK_HOUSE, BLOCK_DESC_NO, UNIT_DESC_NO, BUILDING_NAME, EQ_RM, EQ_TY, CE_TY , Rack, INSTALL_BY, STATUS, NO, RFS_DATE, REMARK, NO_ME_CCTS from MDF_NODE where CCP_CODE = CCP_CODE and NODE_SITE_ID="
                strQuery = strQuery & "'" & strQuery1 & "'"
        end if

    strSort  =  " order by " & request("oMDFnode") & "," & request("orMDFnode")  & "," & request("ordMDFnode")
    strTitle = "Summary of Carrier Ethernet Node"

    if trim(request("nfield"))= "" then
        j=0
         for i= 0 to ubound(fname)
           if request(fname(i)) <> "" then                  'process if user input value in field
             if j=0 then 
             strQuery = strQuery & " and " & fname(i)  &  " like '" & request(fname(i)) & "' "   '1st field shd start with where clause
             j = j + 1

         else 
             strQuery = strQuery & " and " & fname(i) & " like '" & request(fname(i)) & "' "    'rest shd start with and clause
               j = j + 1

               end if
             end if
         next
         strQuery = strQuery & strSort
    else
        strQuery = strQuery & " where " & trim(request("nfield")) & " is null order by " & trim(request("order"))
    end if

     objRS.Open strQuery, strConn,adOpenStatic,adLockOptimistic,adCmdText           'open recordset query oracle database
        if objRS.eof then                                                           
            objRS.close
            set objRS = nothing
            response.write "<script>alert('No Rows Selected')</script>"                 'if eof mean NO data return
            response.write "<script>history.back()</script>"
        else
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>SdhTermDisplayTable2</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#99CCFF"><div align="center">
<p align="left"><strong> 
  <p>&nbsp;</p>
  <p> 

  </p>
  </strong> 
  <table width=945  align="center">
    <tr class="nonPrint" height=30> 

      <td width="646" nowrap style="vertical-align:middle;font:bolder 12pt verdana;" > 
        <strong>&nbsp;&nbsp;&nbsp;&nbsp; <font size="4" face="Georgia, Times New Roman, Times, serif">&nbsp;&nbsp;</font><font size="4" face="Georgia, Times New Roman, Times, serif">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
        &nbsp;Records</font></strong></td>

  </table>
  <strong>
  <% 
    if trim(request("nfield"))= "" then
        j=0
         for i= 0 to ubound(fname)
           if request(fname(i)) <> "" then                  'process if user input value in field
             if j=0 then 
             strQuery = strQuery & " where " & fname(i)  &  " like '" & request(fname(i)) & "' "   '1st field shd start with where clause
             j = j + 1
         else 
             strQuery = strQuery & " and " & fname(i) & " like '" & request(fname(i)) & "' "    'rest shd start with and clause
               j = j + 1
               end if
             end if
         next
         strQuery = strQuery & strSort
    else
        strQuery = strQuery & " where " & trim(request("nfield")) & " is null order by " & trim(request("order"))
    end if
        if objRS.eof then                                                           
            objRS.close
            set objRS = nothing
            response.write "<script>alert('No Rows Selected')</script>"                 'if eof mean NO data return
            response.write "<script>history.back()</script>"
        else
            call drawHeader(ropt)
            objRS.movefirst
            sno = sno + 1
            do until objRS.eof
                call drawB(fname)
                sno = sno + 1
                objRS.movenext
            loop
            objRS.close
            set objRS = nothing
        end if

sub drawHeader(ropt)
     response.write "<table id='tbl' table border=1 bordercolor='black' bgcolor='LavenderBlush' cellpadding=1 cellspacing=0 align=center style='BORDER-COLLAPSE: collapse;'>"
  select case ropt 
     case "MDFnode"
        response.write "<tr height=20><td><b>SNo</b></td>"
        response.write "<td style='font:bold 11pt;' width=50>Exch</b></td><td><b>Cabinet</b></td><td><b>Street Name</b></td><td><b>BLK/HSE</b></td><td><b>No</b></td><td><b>Unit</b></td><td><b>Building Name</b></td><td><b>Room</b></td><td><b>Type</b></td><td><b>Equipment Type</b></td><td><b>Rack</b></td><td><b>Inst By</b></td><td><b>Status</b></td><td><b>ID</b></td><td><b>RFS Date</b></td><td><b>Remark</b></td><td><b>No of ccts</b></td>" 
      end select
        response.write"</tr>"
      end sub

      response.write"</table>" 

sub drawbody(ropt)
   response.write "<tr>"
  select case ropt 
     case "MDFnode"
         for i= 0 to 10 
            response.write "<td>" & i & "</td>" 
         next
      end select
        response.write"</tr>"
end sub

sub drawB(ofname)
    response.write "<tr>"
        for i = 0 to ubound(ofname)
            if isnull(objRS(i)) then
                response.write "<td>&nbsp;</td>"  
            else
                if i = 0 then
                    strHref = "<a href='e_" & ropt & ".asp?tname=" & ropt & "&rowid=" & server.URLEncode(trim(objRS("rowid"))) & "'>" & sno & "</a>"
                    response.write "<td style='font:normal 12pt Arial;'>" & strHref & "</td>"  
                else
                    response.write "<td style='font:normal 12pt Arial;'>" & trim(objRS(i)) & "</td>"  
                end if
            end if 
        next
    response.write "</tr>"
end sub

end if
response.write"</table>"

%>
  </strong></p> </div>

<div align="center">
  <input type="button" value="Save as Excel" onClick="vbscript:xlsReport()">  
</div>
  </p> 
  </body>
  </html>
 <script language="VBScript">
dim r, c, colcnt,row
sub xlsReport()
    window.status = "Export to Excel ... Please Wait ..."
    dim rownow
    colcnt = tbl.cells.length / tbl.rows.length
    set xls = createobject("Excel.Application")
    xls.visible = true
    xls.workbooks.add
    xls.worksheets.add
    for c = 0 to colcnt - 1
        xls.cells(3,c+1).value = tbl.rows(0).cells(c).innerText     
    next
    row = 3
    for r = 1 to tbl.rows.length -1
        for c = 0 to colcnt - 1                 
            xls.cells(row+r,c+1).value = tbl.rows(r).cells(c).innerText     
        next
    next
    xls.cells(1,1).value = txtRpt.innerText
    set xls = nothing
    window.status = "Done"
end sub
</script>

</div>

I am getting records based on the CCP_Code and NODE_SITE_ID values.

Now I want to get values based only on TYPE = 'CE', but I am unable to do so.

When I have not selected anything, the value of TYPE is 'CE' by default. Click Submit, and it will give me only values of type CE.

When I give a CCP_Code with TYPE = empty, it should give me all records based on CCP_Code.

When I select CCP_CODE and NODE_SITE_ID, it should give me values based on both.

When I select CCP_CODE, NODE_SITE_ID and TYPE='CE', it should give me values based on those values.

1 Answer

0 votes
/ June 24, 2011

For a start, you need to Google "SQL injection".

strQuery = strQuery & "'" & strQuery1 & "'"

But to begin with, I would write out the contents of "strQuery" immediately before objRS.Open. Once you see the query text, it should be easy to tell why rows were or were not returned.
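The concatenation the answer points at, rewritten with bound parameters; this is an added example, not code from the question or the answer. It assumes the MSDAORA provider's positional `?` markers, a hypothetical `Application("OracleConn")` entry holding the connection string, and a shortened column list; the order-by fields are checked against a fixed list because identifiers cannot be bound.

```vbscript
<%
Option Explicit
' Added example (not the asker's code): Display.asp search with bound parameters.
Const adCmdText = 1, adParamInput = 1, adVarChar = 200   ' ADO constants

Dim filters, sortable, cmd, objRS, sql, orderBy, col, val, key
' Column names cannot be bound, so they are taken only from these fixed lists.
filters  = Array("CCP_CODE", "NODE_SITE_ID", "EQ_TY", "STATUS")
sortable = Array("STATUS", "NO", "CCP_CODE", "NODE_SITE_ID")

' Returns the allow-listed spelling of candidate, or "" if it is not listed.
Function AllowedColumn(candidate, allowed)
    Dim item
    AllowedColumn = ""
    For Each item In allowed
        If StrComp(item, Trim(candidate), vbTextCompare) = 0 Then AllowedColumn = item
    Next
End Function

Set cmd = Server.CreateObject("ADODB.Command")
cmd.ActiveConnection = Application("OracleConn")   ' hypothetical config entry
cmd.CommandType = adCmdText

sql = "select rowid, CCP_CODE, NODE_SITE_ID, EQ_TY, STATUS, NO from MDF_NODE where 1 = 1"
For Each col In filters
    val = Left(Trim(Request.Form(col)), 50)
    If val <> "" Then
        sql = sql & " and " & col & " like ?"      ' placeholder only, never the value
        cmd.Parameters.Append cmd.CreateParameter(col, adVarChar, adParamInput, 50, val)
    End If
Next

orderBy = ""
For Each key In Array("oMDFnode", "orMDFnode", "ordMDFnode")
    col = AllowedColumn(Request.Form(key), sortable)
    If col <> "" Then
        If orderBy <> "" Then orderBy = orderBy & ", "
        orderBy = orderBy & col
    End If
Next
If orderBy <> "" Then sql = sql & " order by " & orderBy

cmd.CommandText = sql
' Debug aid suggested in the answer: show the final statement before running it.
Response.Write "<pre>" & Server.HTMLEncode(sql) & "</pre>"

Set objRS = cmd.Execute
If objRS.EOF Then Response.Write "No rows selected"
objRS.Close
Set objRS = Nothing
Set cmd = Nothing
%>
```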
