Greetings,
I am a novice programmer who knows nothing about .NET, I mostly work on PHP. So please use small words so I can understand
We have a .NET application that handles user submissions to bid on contracts. The data is housed in an Access file on the web server along with the asp files.
There is an option to edit the user account details, to change their contact information and such. One user is having a problem with it updating, and I have tried it myself with no success. When you attempt to change any of his data, the page will hang and timeout. I am able to change details on every other users (the 5 I tried anyhow) without a problem. I checked the database to make sure there was nothing odd with his profile and I don't see anything. I know this app sometimes has a problem with punctuation, but nothing unusual in this.
Thanks for your help.
I am a novice programmer who knows nothing about .NET, I mostly work on PHP. So please use small words so I can understand
We have a .NET application that handles user submissions to bid on contracts. The data is housed in an Access file on the web server along with the asp files.
There is an option to edit the user account details, to change their contact information and such. One user is having a problem with it updating, and I have tried it myself with no success. When you attempt to change any of his data, the page will hang and timeout. I am able to change details on every other users (the 5 I tried anyhow) without a problem. I checked the database to make sure there was nothing odd with his profile and I don't see anything. I know this app sometimes has a problem with punctuation, but nothing unusual in this.
Thanks for your help.
Code:
<!--#include file ="security.asp"-->
<html>
<head><title>Request For Qualifications Application System</title>
<link rel="stylesheet" type="text/css" href="i/style.css">
</head>
<body bgcolor="#48556E" marginheight="0" marginwidth="0" leftmargin="0" rightmargin="0" topmargin="0" bottommargin="0">
<center>
<img src="i/pixel.gif" height=6><br>
<img src="i/rfq_logo1.jpg"><br>
<img src="i/otda_logo.jpg"><br>
<table width="720" border=0 cellspacing=0 cellpadding=0 bgcolor="#eff3f7">
<tr>
<td><img src="i/light_top_left.gif" width="34" height="10" border="0"></td>
<td width="40%" align="right"><img src="i/light_top_right.gif" width="34" height="10" border="0"></td>
</tr>
<tr>
<td><div class="small">Today is <%=Date()%> | You are logged in as <u><%=session("username")%></u> | <b><a href="logout.asp">Logout</a></div></td>
<td align=right><div class="small">For help email: <a href="mailto:email">email</a></div></td>
</tr>
<tr>
<td colspan=2><hr size=1 width="100%" color="#adbace">
</td>
</tr>
<tr>
<td colspan=2 align=center>
<table border=0 cellpadding=1 cellspacing=0 width="99%">
<tr>
<td align=center width="10%"><a href="app_home.asp" class="two">main</a>
</td>
<td align=center width="13%"><a href="app_applications.asp" class="two">applications</a>
</td>
<td align=center width="13%"><img src="i/arrow.gif"> <a href="#" class="two">edit profile</a>
</td>
<td align=center width="23%"><a href="app_programs.asp" class="two">programs descriptions</a>
</td>
<td align=center width="15%"><a href="app_sow.asp" class="two">scope of work</a>
</td>
<td align=center width="26%"><a href="faq.asp" class="two">frequently asked questions</a>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan=2><hr size=1 width="100%" color="#adbace">
</td>
</tr>
<tr>
<td colspan=2><div class="content">
<%
'----------------------------------------------------------------------------------------------------------------------------
If IsEmpty(session("tic_example")) Then
session("tic_example")=0
Else
if IsEmpty(request("tic_example")) Then
for each x in request.form
if request.form(x)="" or request.form(x)<>"" Then
session("tic_example")=1
End if
next
Else
session("tic_example")=request("tic_example")
End if
End if
select case session("tic_example")
case "0"
%><!--#include file ="cnn.asp"--><%
set rstemp=conntemp.Execute("SELECT Vendor_Name,Vendor_Contact_Name,Vendor_Contact_Title,Vendor_Address,Vendor_Phone,Vendor_Fax,Vendor_Email,SBO,MBE,WBE FROM Vendor_Info WHERE Vendor_ID="&session("vendorid")&" ")
alldata=rstemp.getrows
%><!--#include file ="close.asp"--><%
allhead=Array("Name","Contact Name","Contact Name Title","Address","Phone","Fax","Email")
allsessions=Array("name","contact","title","address","phone","fax","email","SBO","MBE","WBE")
numcols=ubound(alldata,1)
FOR colcounter=0 to numcols
thisfield=alldata(colcounter,0)
session(allsessions(colcounter))=thisfield
NEXT
set allsessions=nothing
set alldata=nothing
set allhead=nothing
response.flush
%>
<table cellspacing=0 cellpadding=3 border=0 align=center>
<tr>
<td colspan=2 align=center><b>Your current Profile Information
</td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td valign=top align=right width="40%"><b>Username</b>
</td>
<td width="60%"><%=session("username")%></td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td valign=top align=right><b>Organization/Individual Name</b>
</td>
<td><%=session("name")%></td>
</tr>
<tr>
<td valign=top align=right><b>Contact Name</b>
</td>
<td><%=session("contact")%></td>
</tr>
<tr>
<td valign=top align=right><b>Contact Title</b>
</td>
<td><%=session("title")%></td>
</tr>
<tr>
<td align=right><b>Address</b>
</td>
<td><%=session("address")%></td>
</tr>
<tr>
<td valign=top align=right><b>Phone Number</b>
</td>
<td><%=session("phone")%></td>
</tr>
<tr>
<td valign=top align=right><b>Fax Number</b>
</td>
<td><%=session("fax")%></td>
</tr>
<tr>
<td valign=top align=right><b>Email</b>
</td>
<td><%=session("email")%></td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td colspan=2 align=center><b>Terms that apply to your organization
</td>
</tr>
<tr>
<td colspan=2><table border=0 cellpadding=3><tr>
<td align=center><b>Small Business Organization</b><br><%=session("SBO")%></td>
<td align=center><b>Minority-Owned or Directed</b><br><%=session("MBE")%></td>
<td align=center><b>Women-Owned or Directed</b><br><%=session("WBE")%></td>
</tr></table></td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td colspan=2 align=center><form action="app_user_edit.asp" method=post><input type=hidden name="tic_example" value=2><input type=submit value="Edit Your Profile" class="input"></form>
</td>
</tr>
</table>
<%
case "1"
Call ValidateData(request("username"),request("password"),request("password2"),request("b_name"),request("b_contact_name"),request("b_contact_title"),request("b_address"),request("b_phone"),request("b_fax"),request("b_email"),request("SBO"),request("MBE"),request("WBE"))
%><!--#include file ="cnn.asp"--><%
conntemp.Execute("UPDATE Vendor_Info SET Vendor_Name='"&Replace(session("name"),"'","''")&"',Vendor_Contact_Name='"&Replace(session("contact"),"'","''")&"',Vendor_Contact_Title='"&Replace(session("title"),"'","''")&"',Vendor_Address='"&Replace(session("address"),"'","''")&"',Vendor_Phone='"&session("phone")&"',Vendor_Fax='"&session("fax")&"',Vendor_Email='"&session("email")&"',SBO='"&session("SBO")&"',MBE='"&session("MBE")&"',WBE='"&session("WBE")&"' WHERE Vendor_ID="&session("vendorid")&" ")
%><!--#include file ="close_cnn.asp"-->
<table cellspacing=0 cellpadding=3 border=0 align=center>
<tr>
<td colspan=2 align=center><b>You've updated Your Profile with the following information.<br> You WILL be able to edit it later.
</td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td valign=top align=right width="40%"><b>Username</b>
</td>
<td width="60%"><%=session("user")%></td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td valign=top align=right><b>Organization/Individual Name</b>
</td>
<td><%=session("name")%></td>
</tr>
<tr>
<td valign=top align=right><b>Contact Name</b>
</td>
<td><%=session("contact")%></td>
</tr>
<tr>
<td valign=top align=right><b>Contact Title</b>
</td>
<td><%=session("title")%></td>
</tr>
<tr>
<td align=right><b>Address</b>
</td>
<td><%=session("address")%></td>
</tr>
<tr>
<td valign=top align=right><b>Phone Number</b>
</td>
<td><%=session("phone")%></td>
</tr>
<tr>
<td valign=top align=right><b>Fax Number</b>
</td>
<td><%=session("fax")%></td>
</tr>
<tr>
<td valign=top align=right><b>Email</b>
</td>
<td><%=session("email")%></td>
</tr>
<tr>
<td colspan=2><img src="pixel.gif" height=10>
</td>
</tr>
<tr>
<td colspan=2 align=center><b>Terms that apply to your organization
</td>
</tr>
<tr>
<td colspan=2><table border=0 cellpadding=3><tr>
<td align=center><b>Small Business Organization</b><br><%=session("SBO")%></td>
<td align=center><b>Minority-Owned or Directed</b><br><%=session("MBE")%></td>
<td align=center><b>Women-Owned or Directed</b><br><%=session("WBE")%></td>
</tr></table></td>
</tr>
</table>
<!--#include file ="session_cleanup.asp"-->
<%
case "2"
session("tic_example")=1
%>
<form method=post action="app_user_edit.asp">
<table cellspacing=0 cellpadding=3 border=0 align=center>
<tr>
<td colspan=2 align=center><b>Edit Your Contact Information:</b><br>
Changes will only take effect when you press "Update Your Account" button<br>
<font color=red>for security purposes, please re-enter the password</font>
</td>
</tr>
<tr>
<td valign=top align=right><b>Username</b><br><font size=1>(10 characters)
</td>
<td>
<input class="inputText" name="username" type="text" size=25 value="<%=session("username")%>"><br>
<%If Not IsEmpty(session("err_user")) Then
response.write "<font size=1 color=red>Has to be 10 characters and can't contain odd characters</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Password</b><br><font size=1>(10 characters)
</td>
<td>
<input type=password name="password" type="text" size=25 class="inputText"><br>
<%If Not IsEmpty(session("err_password")) Then
response.write "<font size=1 color=red>Can't contain odd characters or be empty</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Confirm Password
</td>
<td><input type=password name="password2" type="text" size=25 class="inputText">
</td>
</tr>
<tr>
<td valign=top align=right><b>Organization/Individual Name</b>
</td>
<td>
<input name="b_name" type="text" size=34 value="<%=session("name")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_name")) Then
response.write "<font size=1 color=red>Can't contain odd characters or be empty</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Contact Name</b>
</td>
<td>
<input name="b_contact_name" type="text" size=25 value="<%=session("contact")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_contact")) Then
response.write "<font size=1 color=red>Can't contain odd characters or be empty</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Contact Title</b><br><font size=1>(ex. President, VP)
</td>
<td>
<input name="b_contact_title" type="text" size=25 value="<%=session("title")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_title")) Then
response.write "<font size=1 color=red>Can't contain odd characters or be empty</font>"
End if%>
</td>
</tr>
<tr>
<td valign=top align=right><b>Address</b><br><font size=1>(ex. 123 Digits St, City, NY 11111)
</td>
<td>
<input name="b_address" type="text" size=40 value="<%=session("address")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_address")) Then
response.write "<font size=1 color=red>Address was entered incorrectly, follow the format above</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Phone Number</b><br><font size=1>(ex. 111-222-3333)
</td>
<td>
<input name="b_phone" type="text" size=25 value="<%=session("phone")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_phone")) Then
response.write "<font size=1 color=red>Phone was entered incorrectly, follow the format</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Fax Number</b><br><font size=1>(ex. 111-222-3333)
</td>
<td>
<input name="b_fax" type="text" size=25 value="<%=session("fax")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_fax")) Then
response.write "<font size=1 color=red>Fax was entered incorrectly, follow the format<br>or enter 000-000-0000 if you don't have one</font><br>"
End if%>
</td>
</tr>
<tr>
<td align=right valign=top><b>Email</b><br><font size=1>(ex. someone@some.com)
</td>
<td>
<input name="b_email" type="text" size=25 value="<%=session("email")%>" class="inputText"><br>
<%If Not IsEmpty(session("err_email")) Then
response.write "<font size=1 color=red>Enter a valid email address</font><br>"
End if%>
</td>
</tr>
<tr>
<td colspan=2 align=center><b>Check all terms that apply to your organization
</td>
</tr>
<tr>
<td colspan=2>
<table border=0 cellpadding=3>
<tr>
<td align=center><b>Small Business Organization<br>
<select name='SBO' class="select">
<%If session("SBO")="No" Then%>
<option value='No' selected>NO</option>
<option value='Yes'>YES</option>
<%Else%>
<option value='No'>NO</option>
<option value='Yes' selected>YES</option>
<%End if%>
</select>
</td>
<td align=center><b>Minority-Owned or Directed<br>
<select name='MBE' class="select">
<%If session("MBE")="No" Then%>
<option value='No' selected>NO</option>
<option value='Yes'>YES</option>
<%Else%>
<option value='No'>NO</option>
<option value='Yes' selected>YES</option>
<%End if%>
</select>
</td>
<td align=center><b>Women-Owned or Directed<br>
<select name='WBE' class="select">
<%If session("WBE")="No" Then%>
<option value='No' selected>NO</option>
<option value='Yes'>YES</option>
<%Else%>
<option value='No'>NO</option>
<option value='Yes' selected>YES</option>
<%End if%>
</select>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan=2 align=center><input type="submit" value="Update Your Account" class="input">
</td>
</tr>
</table>
</form>
<% end select
Sub ValidateData(user,password,password2,name,contact,title,address,phone,fax,email,SBO,MBE,WBE)
bad = 0
If Not CheckString(user, "^([A-Za-z0-9_]{5,12})$") then
bad=1
session("err_user")=1
session("user")=user
Else
session.contents.remove("err_user")
session("user")=user
End If
if password=password2 Then
If Not CheckString(password, "^([A-Za-z0-9_]{5,12})$") then
bad=1
session("err_password")=1
session("password")=password
Else
session.contents.remove("err_password")
session("password")=password
End If
else
bad=1
session("err_password")=1
End IF
If NOT CheckString(name, "^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z]*)*$") then
bad=1
session("err_name")=1
session("name")=name
Else
session.contents.remove("err_name")
session("name")=name
End If
If NOT CheckString(contact, "^[a-zA-Z]+(([\'\,\.\- ][a-zA-Z ])?[a-zA-Z]*)*$") then
bad=1
session("err_contact")=1
session("contact")=contact
Else
session.contents.remove("err_contact")
session("contact")=contact
End If
If Not CheckString(title, "^[a-zA-Z\s]{3,40}$") then
bad=1
session("err_title")=1
session("title")=title
Else
session.contents.remove("err_title")
session("title")=title
End If
If Not CheckString(address, "^([A-Za-z0-9_,?'!\s.]{1,250})$") then
bad=1
session("err_address")=1
session("address")=address
Else
session.contents.remove("err_address")
session("address")=address
End If
If NOT CheckString(phone, "^\d{3}\-\d{3}\-\d{4}$") then
bad=1
session("err_phone")=1
session("phone")=phone
Else
session.contents.remove("err_phone")
session("phone")=phone
End If
If NOT CheckString(fax, "^\d{3}\-\d{3}\-\d{4}$") then
bad=1
session("err_fax")=1
session("fax")=fax
Else
session.contents.remove("err_fax")
session("fax")=fax
End If
If NOT CheckString(email, "^[\w-]+(\.[\w-]+)*@([\w-]+\.)+[a-zA-Z]{2,7}$") then
bad=1
session("err_email")=1
session("email")=email
Else
session.contents.remove("err_email")
session("email")=email
End If
session("SBO")=SBO
session("MBE")=MBE
session("WBE")=WBE
If bad <> 0 then
'Well , if bad <> 0 then something
'must be wrong
session("tic_example")=2
response.redirect("app_user_edit.asp")
End If
End Sub
Function CheckString(strToCheck, strRegExp)
Dim re
Set re = new RegExp
re.IgnoreCase = false
re.global = false
re.Pattern = strRegExp
CheckString = re.Test(strToCheck)
End Function
'----------------------------------------------------------------------------------------------------------------------------
%>
</div>
</td>
</tr>
<tr>
<td colspan=2 align=center><hr size=1 width="100%" color="#adbace"><div class="small">For help email: <a href="mailto:email">email</a></div>
</td>
</tr>
<tr>
<td><img src="i/light_bottom_left.gif" width="34" height="10" border="0"></td>
<td width="40%" align="right"><img src="i/light_bottom_right.gif" width="34" height="10" border="0"></td>
</tr>
</table>
</body>
</html>
<%
'for each x in Session.Contents
' Response.Write(x & "=" & Session.Contents(x) & "<br />")
'next
%>