Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
-
Server.HTMLEncode use/overuse
Hello, Would there be any use/benefit to using Server.HTMLEncode with parametized SQL? For example. Set conn = Server.CreateObject("ADODB.Connection") conn.CursorLocation = adUseServer conn.open cStr_TMD Set cmd = Server.CreateObject("ADODB.Command") cmd.ActiveConnection = conn...- rahlquist
- Thread
- Replies: 1
- Forum: Microsoft: ASP (Active Server Pages)
-
Converting data connections to use parameters
Nm. I got it. <% Set conn = Server.CreateObject("ADODB.Connection") conn.CursorLocation = adUseServer conn.open cStr_Local Set cmd = Server.CreateObject("ADODB.Command") cmd.ActiveConnection = conn cmd.CommandText = "dbo.MyServiceHist" cmd.CommandType = adCmdStoredProc...- rahlquist
- Post #4
- Forum: Microsoft: ASP (Active Server Pages)
-
Converting data connections to use parameters
Chris, SQL Sever 2008? Here is another example Original; <% Set conn = Server.CreateObject("ADODB.Connection") conn.CursorLocation = adUseServer conn.open cStr_Local sql ="dbo.MyServiceHist @MyID='" & Request.QueryString("My") & "',@BeginDate='" &...- rahlquist
- Post #3
- Forum: Microsoft: ASP (Active Server Pages)
-
Converting data connections to use parameters
Hello, Currently in process of updating a site and fixing some quick security loopholes prior to a much more thorough sweep. ASP isnt my strong point and I was wondering if someone could show me the proper changes to make to this connection to make it call its stored procedure using parameters...- rahlquist
- Thread
- Replies: 3
- Forum: Microsoft: ASP (Active Server Pages)
