Inserting a record into a SQL server Database

[welshone]

Hello,
I can upload files using asp, but when I try and store the location and filename into a database it created a new row but there is no info. there.
I think it is to do with ENCTYPE="multipart/form-data" is used when uploading. because when I remove this line the data is entered into the database but the file isn't uploaded.

Is there a way I can ENCRYPT the file after the location and name has been saved ?


at present i Do the encryption when I post the data.


This is the first page where I choose the Filename and name:

<HTML>
<HEAD>
<META NAME=&quot;GENERATOR&quot; Content=&quot;Microsoft Visual Studio 6.0&quot;>
<TITLE></TITLE>
</HEAD>
<BODY>
<FORM METHOD=&quot;POST&quot; ENCTYPE=&quot;multipart/form-data&quot; ACTION=&quot;uploadexmple.asp&quot;>
<TABLE BORDER=0>
<tr><td><b>Enter your fullname:</b><br><INPUT TYPE=TEXT SIZE=40 NAME=&quot;FULLNAME&quot;></td></tr>
<tr><td><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=&quot;FILE1&quot;></td></tr>
<tr><td><b>Save To:</b>&nbsp;&nbsp;
Disk&nbsp;<INPUT TYPE=RADIO NAME=&quot;saveto&quot; value=&quot;disk&quot; checked>&nbsp;&nbsp;
Database&nbsp;<INPUT TYPE=RADIO NAME=&quot;saveto&quot; value=&quot;database&quot;>
</td></tr>
<tr><td align=&quot;center&quot;><INPUT TYPE=SUBMIT VALUE=&quot;Upload&quot;></td></tr>
</TABLE>
</FORM>
</BODY>
</HTML>


I am using the following code to insert the location and name into the db :

<%

'Declare all local variables

dim conn
dim strSQL

strsql = &quot;&quot;
'set connection string to local variable-I use a DSN-less connection

If IsObject(Session(&quot;EDNoticeBoard_conn&quot) Then
Set conn = Session(&quot;EDNoticeBoard_conn&quot
Else
Set conn = Server.CreateObject(&quot;ADODB.Connection&quot
conn.open &quot;EdNoticeBoard&quot;,&quot;Ednoticeboard&quot;,&quot;ednoticeboard&quot;
Set Session(&quot;EdNoticeBoard_conn&quot = conn
End If
%>
<%
'build the sql statement based on the input from the form

strSQL = &quot;INSERT INTO tblphotos(name, photo)&quot;
strSQL = strSQL & &quot; SELECT &quot;
strSQL = strSQL & &quot;'&quot; & Request(&quot;FULLNAME&quot & &quot;' as name,&quot;
strSQL = strSQL & &quot;'&quot; & Request(&quot;FILE1&quot & &quot;' as photo&quot;

conn.execute(strSQL)
conn.close
set conn = nothing
%>



thank you in advance
Jamie

 

[link9]

you could read it into a hidden form variable:

<FORM METHOD=&quot;POST&quot; ENCTYPE=&quot;multipart/form-data&quot; ACTION=&quot;uploadexmple.asp&quot; onSubmit=&quot;readFile();&quot;>

<script language=javascript>
function readFile(){
var theLocation = document.forms[0].FILE1.value;
document.forms[0].fileLocation.value = theLocation;
}
</script>

and add the following form element to your form:
<input type=hidden name=fileLocation>

Then, you can just request it like you do the users' name.


paul

 

[welshone]

I have tried this, but the table is still blank : ?

<HTML>
<HEAD>
<META NAME=&quot;GENERATOR&quot; Content=&quot;Microsoft Visual Studio 6.0&quot;>
<TITLE></TITLE>
</HEAD>


<BODY>
<FORM METHOD=&quot;POST&quot; ENCTYPE=&quot;multipart/form-data&quot; ACTION=&quot;uploadexmple.asp&quot; onsubmit=&quot;readfile();&quot;>

<script language=javascript>  
function readfile(){
 var thelocation = document.forms[0].FILE1.value;
 document.forms[0].filelocation.value = thelocation;
}
</script>

<TABLE BORDER=0>
<tr><td><b>Enter your fullname:</b><br><INPUT TYPE=TEXT SIZE=40 NAME=&quot;FULLNAME&quot;></td></tr>
<tr><td><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=&quot;FILE1&quot;></td></tr>
<tr><td><b>Save To:</b>&nbsp;&nbsp;
<tr><td><INPUT TYPE=TEXT SIZE=40 NAME=&quot;filelocation&quot;></td></tr>

Disk&nbsp;<INPUT TYPE=RADIO NAME=&quot;saveto&quot; value=&quot;disk&quot; checked>&nbsp;&nbsp;
Database&nbsp;<INPUT TYPE=RADIO NAME=&quot;saveto&quot; value=&quot;database&quot;>
</td></tr>
<tr><td align=&quot;center&quot;><INPUT TYPE=SUBMIT VALUE=&quot;Upload&quot;></td></tr>
</TABLE>
</FORM>
</BODY>
</HTML>

 

[link9]

but the script works, so the location of the file is being passed in that text field... i just tested your code verbatim.

Are you picking up the value of that text field in your asp, and plugging it in that way?

dim fileLocation
fileLocation = request.form(&quot;fileLocation&quot

 

[welshone]

yeah, I'm picking up the values from one asp page, then requesting then in my sql to insert. ?

 

[link9]

Ok, so let's see that code and start tracking down where the breakdown in communication is.

 

[welshone]

The code is posted in the original post.
cheers

 

[link9]

I'll leave you with one parting thought then. As I stated, you'll need to pick up a separate variable that will now hold the location of your file. Included in the original post? No. Sure that it's picking up properly? No.

Not much more I can help you with if you won't post your modified code.

good luck.
paul

 

[welshone]

Sorry mate, here it is :

<HTML>
<HEAD>
<META NAME=&quot;GENERATOR&quot; Content=&quot;Microsoft Visual Studio 6.0&quot;>
<TITLE></TITLE>
</HEAD>


<BODY>
<FORM METHOD=&quot;POST&quot; ENCTYPE=&quot;multipart/form-data&quot; ACTION=&quot;uploadexmple.asp&quot; onsubmit=&quot;readfile();&quot;>

<script language=javascript>  
function readfile(){
 var thelocation = document.forms[0].FILE1.value;
 document.forms[0].filelocation.value = thelocation;
}
</script>

<TABLE BORDER=0>
<tr><td><b>Enter your fullname:</b><br><INPUT TYPE=TEXT SIZE=40 NAME=&quot;FULLNAME&quot;></td></tr>
<tr><td><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=&quot;FILE1&quot;></td></tr>
<tr><td><b>Save To:</b>  
<tr><td><INPUT TYPE=TEXT SIZE=40 NAME=&quot;filelocation&quot;></td></tr>

Disk <INPUT TYPE=RADIO NAME=&quot;saveto&quot; value=&quot;disk&quot; checked>  
Database <INPUT TYPE=RADIO NAME=&quot;saveto&quot; value=&quot;database&quot;>
</td></tr>
<tr><td align=&quot;center&quot;><INPUT TYPE=SUBMIT VALUE=&quot;Upload&quot;></td></tr>
</TABLE>
</FORM>
</BODY>
</HTML>

then the connection to the database is :


<p align=&quot;center&quot;><b><font size=&quot;+3&quot;> done </font><</b></p>

<%

'Param = Request.QueryString(&quot;Param&quot
'Data = Request.QueryString(&quot;Data&quot
'Declare all local variables

dim conn
dim strSQL

strsql = &quot;&quot;
'set connection string to local variable-I use a DSN-less connection

'If IsObject(Session(&quot;EDNoticeBoard_conn&quot) Then
' Set conn = Session(&quot;EDNoticeBoard_conn&quot
'Else
Set conn = Server.CreateObject(&quot;ADODB.Connection&quot
conn.open &quot;EdNoticeBoard&quot;,&quot;Ednoticeboard&quot;,&quot;ednoticeboard&quot;
Set Session(&quot;EdNoticeBoard_conn&quot = conn
'End If
%>
<%
'build the sql statement based on the input from the form

strSQL = &quot;INSERT INTO tblphotos(name, photo)&quot;
strSQL = strSQL & &quot; SELECT &quot;
strSQL = strSQL & &quot;'&quot; & Request(&quot;FULLNAME&quot & &quot;' as name,&quot;
strSQL = strSQL & &quot;'&quot; & Request(&quot;filelocation&quot & &quot;' as photo&quot;

'Use the execute method of the connection object the insert the record
conn.execute(strSQL)
conn.close
set conn = nothing
%>