Moving On
What all of this has been leading up to is a way to insert data into the database without worrying about whether or not it has punctuation that will interfere with an SQL statement. What we're going to do is create an updateable recordset, add a record to it, and set the values of that record.
Open auction_save.asp and make the changes shown in Listing 6.12.
Code Listing 6.12. auction_save.asp: Using a the constants include file
0: <%@ LANGUAGE="VBSCRIPT" %>
1: <!--#include file="adovbs.inc"--> 2: <% 3: Function nextAuctionID 4: 5: Randomize 6: nextAuctionID = int(Rnd * 1000000) 7: 8: end Function 9: %> 10:<% if Request.cookies("isLoggedInAs")("username") = "" then 11: 'user is not logged in, so they don't get to do anything %> 12: ... |
Get Active Server Pages 3.0 from Scratch now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
