Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

CLASSIC ASP INSERT statement with parameters

Tags:

asp-classic

ado

I have to mantain a ASP 3.0 website...

And I would like to protect sql statements.

The select statements I could protect with this code:

set cmd = Server.createObject("adodb.command")

cmd.commandText = "select from Foo where id=?"

set cmd.activeConnection = someConnection

set rs = cmd.execute(rows_affected, Array(42))

But I can't make it to work when I replace the select by update or insert statements.

Can anyone help me?

the code i am trying is:

sqlS1 = "INSERT into users (nome2) values (?)"

arParams = 1

set cmd = createobject("ADODB.Command") 

cmd.CommandText = sqlS1 

cmd.ActiveConnection = session("bdc")

cmd.Execute(,arParams,adExecuteNoRecords)
like image 576
Paulo Avatar asked Jun 12 '26 01:06

Paulo

1 Answers

That should run if you drop the parentheses:

cmd.Execute , arParams, adExecuteNoRecords

Or

cmd.Execute recs, arParams, adExecuteNoRecords
Response.write recs & " updated"
like image 139
Fionnuala Avatar answered Jun 16 '26 00:06

Fionnuala
Sign in to Comment

Related questions

If condition not working in classic ASP
Does anyone know of a syntax checker for classic ASP?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!