Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Store asp script in database 1

Status
Not open for further replies.
tchaplin

tchaplin

Programmer
Jul 18, 2003
58
0
0
NZ
I have a situation where I don't wish to totally redesign a website Some comments refer to one domain name and others to another domain name. Eg New Zealand and Australia.

<% if session("CurrencyCode") = "NZD" then %>
New Zealand
<% else %>
Australia
<% end if %>

I wish to store this statement in a field associated with comments. To have this effect

NZ Domain name
"The gift basket from New Zealand...."

Aus Domain Name
"The gift basket from Australia...."

It will only be used for several items

Thansks for your comments and time

Todd




 
Sort by date Sort by votes
This is what i am entering in to teh database field

But still nothing

...selection of delightful treats from
<% if session("CurrencyCode") = "NZD" then
<Response.Write "NewwZ">
else
Response.Write "AUS"
end if %>
. Accompanied by the ...
 
Upvote 0 Downvote
I have simplified the code down to - entered into the db field Still Not Working - it will just be a string thing But what hehehe It can be frustrating

what ever & "<% Response.Write "Hello World." %>" & " the code to a s
 
Upvote 0 Downvote
You can't enter ASP code into a database field and have it processed at the server and rendered by the browser. Doesn't work that way.

If it's only for a few items then stick that perfectly functional code you have in the pages in question and run it off the session variable value.

 
Upvote 0 Downvote
I didnt see anything about a database in any of your code.
 
Upvote 0 Downvote
That’s right I was intending to white the code into a database field. When it was retrieved I was hoping it could be executed. However I’ve been told through the above post that it doesn't work that way. So will have to insert the code with in the pages its self.

Thanks for your time
 
Upvote 0 Downvote
Well technically you can do it but it leads to so many potential security problems that its best to pretend that you can't and find a different technique.
 
Upvote 0 Downvote
Well technically you can do it [/code]

Ok. Give me (us) the fast lesson if you have the time- I didn't think it was possible and I'm curious.
Click to expand...
 
Upvote 0 Downvote
Doing this opens you up to the same kinds of security problems associated with SQL Injection except, with this technique it is your web server that could execute a bad command instead of your database server... even the dumbest of script-kiddies will try [tt]del c:\*.*[/tt] which could be a problem depending on if you also changed the default security model away from the IUSR_<machinename> account.

This will get you started:

This is a safer way to almost do the same thing:
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

penguinspeaks
  • Locked
  • Question
write HTML code within ASP line
Replies
1
Views
112
xwb
xwb
leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
94
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
Return to current location on page after asp processes.
Replies
2
Views
88
penguinspeaks
penguinspeaks
penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
75
penguinspeaks
penguinspeaks
bslintx2021
  • Locked
  • Question
How to configure IIS 10 server to allow Classic ASP to connect to MSSQL server database on a domain
Replies
1
Views
203
penguinspeaks
penguinspeaks

Part and Inventory Search

Sponsor

Back
Top