I'm going freefall here and completely write what I think might be true of how this is done. I'm trying to update my table of members. In the SQL database there are these sections:
"member.number,
firstname,
lastname,
telephone,
pers.id,
fee,
password."

Only firstname, lastname, telephone, pers.id, password shall be inserted into the members table. here is my code:

----------------------------------------------------------------------------
<html>

<head>
<title>Create user</title>
</head>

<body>
<center><H1>fill in here</H1>

<FORM METHOD=POST ACTION="update.code.asp">
Firstname: <INPUT TYPE="text" NAME="firstname" size="20"><BR>
Lastname: <INPUT TYPE="text" NAME="lastname" size="20"><BR>
Telephone: <INPUT TYPE="text" NAME="telephone" size="20"><BR>
Personal ID: <INPUT TYPE="text" NAME="persid" size="20"><BR>
Password: <INPUT TYPE="password" NAME="password" size="20"><BR>
<INPUT TYPE="submit" VALUE="add">
<INPUT TYPE="reset" VALUE="erase">

</FORM>
</center>
</body>
</html>
----------------------------------------------------------------------------


<HTML>
<HEAD>
<TITLE> update</TITLE>
</HEAD>

<BODY>
<%

session("firstname")=firstname
session("lastname")=lastname
session("telephone")=telephone
session("persid")=persid
session("password")=password

set dbconn=Server.CreateObject("ADODB.Connection")
dhdb ="Driver={SQL Server};Server=127.0.0.1;DATABASE=****;UID=****;PWD=****;"
dbconn.Open(dhdb)

Set rs = Server.CreateObject("ADODB.Recordset")
sqlQuery="INSERT INTO members(firstname,lastname,telephone,pers.id,password)
VALUES("firstname","lastname","telephone","persid","password")"
set rs=dbconn.Execute(sqlQuery)

response.redirect("login.asp")

rs.Close
dbconn.Close
%>
</BODY>
</HTML>
------------------------------------------------------------------------------------

Thanks in advance. I don't have the opporturnety to try this myself untill late tomorrow so I would really appriciate some feedback from you guys :) you rock!

Hi.

In your preamble, you call the personal ID "pers.id".

In Create User and Update, you call it "persid".

Also, I notice that while you note it in your preamble, your record set does not define the record number in the database. Not being a programmer or database type, am I to assume that the system takes care of this automatically, without you having to define this?

Originally posted by Redcap
Hi.

In your preamble, you call the personal ID "pers.id".

In Create User and Update, you call it "persid".

Also, I notice that while you note it in your preamble, your record set does not define the record number in the database. Not being a programmer or database type, am I to assume that the system takes care of this automatically, without you having to define this?

Thanks, I have pers.id as an entity in my database, but I have it as persid in my code. Might be better to go with a standard :) thanks.

I don't know about the recordset. anyone know if this is a problem in my code?

thanks again

sqlQuery="INSERT INTO members(firstname,lastname,telephone,pers.id,password)
VALUES("firstname","lastname","telephone","persid","password")"
The quotes in the quotes should be escaped.

And

I am not sure about this but
response.redirect("login.asp")
does response.redirect work after content has been sent to the browser because it doesn't in php.

Originally posted by azlatin2000
sqlQuery="INSERT INTO members(firstname,lastname,telephone,pers.id,password)
VALUES("firstname","lastname","telephone","persid","password")"
The quotes in the quotes should be escaped.

And

I am not sure about this but
response.redirect("login.asp")
does response.redirect work after content has been sent to the browser because it doesn't in php.

So it should be:

sqlQuery="INSERT INTO members(firstname,lastname,telephone,pers.id,password)
VALUES(firstname,lastname,telephone,persid,password)" ?

And how is it done in php if I want to go to another site when I'm done with my update?

ok I added this instead at the bottom of the asp site:

-----------------------------------------------------------------
.....
.....
.....
Set rs = Server.CreateObject("ADODB.Recordset")
sqlQuery="INSERT INTO members(firstname,lastname,telephone,pers.id,password)
VALUES(firstname,lastname,telephone,persid,password)"
set rs=dbconn.Execute(sqlQuery)

exists=false

Do While Not rs.EOF

temp=rs("password")

if password=temp then
exists=true
End if
rs.MoveNext
Loop


If exists then
response.redirect("login.asp")
else

response.redirect("index.htm")

End if

rs.Close
dbconn.Close
%>
</BODY>
</HTML>

-------------------------------------------------------------
do you think this will work or might it have the same problem as before that response.redirect might not work after content has been sent to the browser?

sqlQuery="INSERT INTO members(firstname,lastname,telephone,pers.id,password)
VALUES(\"firstname\",\"lastname\",\"telephone\",\"persid\",\"password\")"

How are you generating persid? Shouldnt it be an autogenerated field if you are going to ensure uniqueness actross records?

I have a unique member_number. That is automaticly added when I fill in my data. I have it fixed now thanks everyone. though I had to use & instead of / thanks again.