I know I need to add in some code
to handle apostrophe's in input fields but for the life of me cannot work out where to do it in this Macromedia generated code.
Help....
TIA
Code:
(lname = replace(lname, "'", "''"))
to handle apostrophe's in input fields but for the life of me cannot work out where to do it in this Macromedia generated code.
Help....
TIA
Code:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<%
Response.Expires = 60
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>
<!--#include file="Connections/Phone.asp" -->
<%
Dim hasSQLWhereClause
Dim whereClause
Dim MM_whereConst
hasSQLWhereClause=false
whereClause=""
MM_whereConst = " "
Set fieldValue = Request.QueryString("init")
If Request.QueryString("init") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(init))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(init))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("fname")
If Request.QueryString("fname") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(fname))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(fname))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("lname")
If Request.QueryString("lname") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(lname))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(lname))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("tel")
If Request.QueryString("tel") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(tel))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(tel))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("mobile")
If Request.QueryString("mobile") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(mobile))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(mobile))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("dept")
If Request.QueryString("dept") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(dept))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(dept))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("jobtitle")
If Request.QueryString("jobtitle") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(jobtitle))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(jobtitle))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
Set fieldValue = Request.QueryString("ntel")
If Request.QueryString("ntel") <> "" Then
If hasSQLWhereClause = false Then
hasSQLWhereClause=true
whereClause=whereClause & " rtrim(ltrim(Ucase(ntel))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
Else
whereClause=whereClause & " and rtrim(ltrim(Ucase(ntel))) like rtrim(ltrim(Ucase('%" & fieldValue & "%')))"
End If
End If
If whereClause <> "" Then
MM_whereConst = "WHERE"
End If
Dim RecordSet1
Dim RecordSet1_numRows
Set RecordSet1 = Server.CreateObject("ADODB.Recordset")
RecordSet1.ActiveConnection = MM_Phone_STRING
RecordSet1.Source = "SELECT * FROM users " & MM_whereConst & " " & whereClause & " ORDER BY lname asc"
RecordSet1.CursorType = 0
RecordSet1.CursorLocation = 2
RecordSet1.LockType = 1
RecordSet1.Open()
RecordSet1_numRows = 0
%>
<%
Dim Repeat1__numRows
Dim Repeat1__index
Repeat1__numRows = 10
Repeat1__index = 0
RecordSet1_numRows = RecordSet1_numRows + Repeat1__numRows
%>
<%
' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables
Dim RecordSet1_total
Dim RecordSet1_first
Dim RecordSet1_last
' set the record count
RecordSet1_total = RecordSet1.RecordCount
' set the number of rows displayed on this page
If (RecordSet1_numRows < 0) Then
RecordSet1_numRows = RecordSet1_total
Elseif (RecordSet1_numRows = 0) Then
RecordSet1_numRows = 1
End If
' set the first and last displayed record
RecordSet1_first = 1
RecordSet1_last = RecordSet1_first + RecordSet1_numRows - 1
' if we have the correct record count, check the other stats
If (RecordSet1_total <> -1) Then
If (RecordSet1_first > RecordSet1_total) Then
RecordSet1_first = RecordSet1_total
End If
If (RecordSet1_last > RecordSet1_total) Then
RecordSet1_last = RecordSet1_total
End If
If (RecordSet1_numRows > RecordSet1_total) Then
RecordSet1_numRows = RecordSet1_total
End If
End If
%>
<%
' *** Recordset Stats: if we don't know the record count, manually count them
If (RecordSet1_total = -1) Then
' count the total records by iterating through the recordset
RecordSet1_total=0
While (Not RecordSet1.EOF)
RecordSet1_total = RecordSet1_total + 1
RecordSet1.MoveNext
Wend
' reset the cursor to the beginning
If (RecordSet1.CursorType > 0) Then
RecordSet1.MoveFirst
Else
RecordSet1.Requery
End If
' set the number of rows displayed on this page
If (RecordSet1_numRows < 0 Or RecordSet1_numRows > RecordSet1_total) Then
RecordSet1_numRows = RecordSet1_total
End If
' set the first and last displayed record
RecordSet1_first = 1
RecordSet1_last = RecordSet1_first + RecordSet1_numRows - 1
If (RecordSet1_first > RecordSet1_total) Then
RecordSet1_first = RecordSet1_total
End If
If (RecordSet1_last > RecordSet1_total) Then
RecordSet1_last = RecordSet1_total
End If
End If
%>
<%
Dim MM_paramName
%>
<%
' *** Move To Record and Go To Record: declare variables
Dim MM_rs
Dim MM_rsCount
Dim MM_size
Dim MM_uniqueCol
Dim MM_offset
Dim MM_atTotal
Dim MM_paramIsDefined
Dim MM_param
Dim MM_index
Set MM_rs = RecordSet1
MM_rsCount = RecordSet1_total
MM_size = RecordSet1_numRows
MM_uniqueCol = ""
MM_paramName = ""
MM_offset = 0
MM_atTotal = false
MM_paramIsDefined = false
If (MM_paramName <> "") Then
MM_paramIsDefined = (Request.QueryString(MM_paramName) <> "")
End If
%>
<%
' *** Move To Record: handle 'index' or 'offset' parameter
if (Not MM_paramIsDefined And MM_rsCount <> 0) then
' use index parameter if defined, otherwise use offset parameter
MM_param = Request.QueryString("index")
If (MM_param = "") Then
MM_param = Request.QueryString("offset")
End If
If (MM_param <> "") Then
MM_offset = Int(MM_param)
End If
' if we have a record count, check if we are past the end of the recordset
If (MM_rsCount <> -1) Then
If (MM_offset >= MM_rsCount Or MM_offset = -1) Then ' past end or move last
If ((MM_rsCount Mod MM_size) > 0) Then ' last page not a full repeat region
MM_offset = MM_rsCount - (MM_rsCount Mod MM_size)
Else
MM_offset = MM_rsCount - MM_size
End If
End If
End If
' move the cursor to the selected record
MM_index = 0
While ((Not MM_rs.EOF) And (MM_index < MM_offset Or MM_offset = -1))
MM_rs.MoveNext
MM_index = MM_index + 1
Wend
If (MM_rs.EOF) Then
MM_offset = MM_index ' set MM_offset to the last possible record
End If
End If
%>
<%
' *** Move To Record: if we dont know the record count, check the display range
If (MM_rsCount = -1) Then
' walk to the end of the display range for this page
MM_index = MM_offset
While (Not MM_rs.EOF And (MM_size < 0 Or MM_index < MM_offset + MM_size))
MM_rs.MoveNext
MM_index = MM_index + 1
Wend
' if we walked off the end of the recordset, set MM_rsCount and MM_size
If (MM_rs.EOF) Then
MM_rsCount = MM_index
If (MM_size < 0 Or MM_size > MM_rsCount) Then
MM_size = MM_rsCount
End If
End If
' if we walked off the end, set the offset based on page size
If (MM_rs.EOF And Not MM_paramIsDefined) Then
If (MM_offset > MM_rsCount - MM_size Or MM_offset = -1) Then
If ((MM_rsCount Mod MM_size) > 0) Then
MM_offset = MM_rsCount - (MM_rsCount Mod MM_size)
Else
MM_offset = MM_rsCount - MM_size
End If
End If
End If
' reset the cursor to the beginning
If (MM_rs.CursorType > 0) Then
MM_rs.MoveFirst
Else
MM_rs.Requery
End If
' move the cursor to the selected record
MM_index = 0
While (Not MM_rs.EOF And MM_index < MM_offset)
MM_rs.MoveNext
MM_index = MM_index + 1
Wend
End If
%>
<%
' *** Move To Record: update recordset stats
' set the first and last displayed record
RecordSet1_first = MM_offset + 1
RecordSet1_last = MM_offset + MM_size
If (MM_rsCount <> -1) Then
If (RecordSet1_first > MM_rsCount) Then
RecordSet1_first = MM_rsCount
End If
If (RecordSet1_last > MM_rsCount) Then
RecordSet1_last = MM_rsCount
End If
End If
' set the boolean used by hide region to check if we are on the last record
MM_atTotal = (MM_rsCount <> -1 And MM_offset + MM_size >= MM_rsCount)
%>
<%
' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
Dim MM_keepNone
Dim MM_keepURL
Dim MM_keepForm
Dim MM_keepBoth
Dim MM_removeList
Dim MM_item
Dim MM_nextItem
' create the list of parameters which should not be maintained
MM_removeList = "&index="
If (MM_paramName <> "") Then
MM_removeList = MM_removeList & "&" & MM_paramName & "="
End If
MM_keepURL=""
MM_keepForm=""
MM_keepBoth=""
MM_keepNone=""
' add the URL parameters to the MM_keepURL string
For Each MM_item In Request.QueryString
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
If Request.QueryString(MM_item).Count > 1 Then
For i=1 To Request.QueryString(MM_item).Count
MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item)(i))
Next
Else
MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item))
End If
End If
Next
' add the Form variables to the MM_keepForm string
For Each MM_item In Request.Form
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepForm = MM_keepForm & MM_nextItem & Server.URLencode(Request.Form(MM_item))
End If
Next
' create the Form + URL string and remove the intial '&' from each of the strings
MM_keepBoth = MM_keepURL & MM_keepForm
If (MM_keepBoth <> "") Then
MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
End If
If (MM_keepURL <> "") Then
MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1)
End If
If (MM_keepForm <> "") Then
MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
End If
' a utility function used for adding additional parameters to these strings
Function MM_joinChar(firstItem)
If (firstItem <> "") Then
MM_joinChar = "&"
Else
MM_joinChar = ""
End If
End Function
%>
<%
' *** Move To Record: set the strings for the first, last, next, and previous links
Dim MM_keepMove
Dim MM_moveParam
Dim MM_moveFirst
Dim MM_moveLast
Dim MM_moveNext
Dim MM_movePrev
Dim MM_urlStr
Dim MM_paramList
Dim MM_paramIndex
Dim MM_nextParam
MM_keepMove = MM_keepBoth
MM_moveParam = "index"
' if the page has a repeated region, remove 'offset' from the maintained parameters
If (MM_size > 1) Then
MM_moveParam = "offset"
If (MM_keepMove <> "") Then
MM_paramList = Split(MM_keepMove, "&")
MM_keepMove = ""
For MM_paramIndex = 0 To UBound(MM_paramList)
MM_nextParam = Left(MM_paramList(MM_paramIndex), InStr(MM_paramList(MM_paramIndex),"=") - 1)
If (StrComp(MM_nextParam,MM_moveParam,1) <> 0) Then
MM_keepMove = MM_keepMove & "&" & MM_paramList(MM_paramIndex)
End If
Next
If (MM_keepMove <> "") Then
MM_keepMove = Right(MM_keepMove, Len(MM_keepMove) - 1)
End If
End If
End If
' set the strings for the move to links
If (MM_keepMove <> "") Then
MM_keepMove = Server.HTMLEncode(MM_keepMove) & "&"
End If
MM_urlStr = Request.ServerVariables("URL") & "?" & MM_keepMove & MM_moveParam & "="
MM_moveFirst = MM_urlStr & "0"
MM_moveLast = MM_urlStr & "-1"
MM_moveNext = MM_urlStr & CStr(MM_offset + MM_size)
If (MM_offset - MM_size < 0) Then
MM_movePrev = MM_urlStr & "0"
Else
MM_movePrev = MM_urlStr & CStr(MM_offset - MM_size)
End If
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "[URL unfurl="true"]http://www.w3.org/TR/html4/loose.dtd">[/URL]
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Technip Offshore UK Telephone Directory</title>
<link href="csog.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style2 {
color: #d1d1a5;
font-size: x-small;
}
.style9 {font-size: x-small}
.style12 {font-size: x-small; color: #A0A0A4; }
.style13 {color: #FFFFFF; font-weight: bold; }
.style14 {color: #FFFFFF; }
a:link {
color: #FFFFFF;
}
a:visited {
color: #A0A0A4;
}
-->
</style>
</head>
<body>
<div align="center">
<p>
<% If Request.QueryString("AdvSearch") <> "" Then
If (RecordSet1_total = 0) Then %>
<span class="style12">Search returned no results. <a href="search.asp" class="style9">Return to Search Page</a></span>
<% Else %>
</p>
<table width="50%" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<td colspan="4" align="center"><a href="search.asp" class="style12">Return to Search Page</a></td>
</tr>
<tr bgcolor="d1d1a5" class="style12">
</tr>
<tr>
<td colspan="4" align="center"><span class="style12">Records <%=(RecordSet1_first)%> to <%=(RecordSet1_last)%> of <%=(RecordSet1_total)%></span></td>
</tr>
<tr bgcolor="#0E4699" class="style12">
<td align="center"><% if (MM_offset <> 0) then %>
<a href="<%=MM_moveFirst%>">First</a>
<% end if %>
</td>
<td align="center"><% if (MM_offset <> 0) then %>
<a href="<%=MM_movePrev%>">Previous</a>
<% end if %>
</td>
<td align="center"><% if (not MM_atTotal) then %>
<a href="<%=MM_moveNext%>">Next</a>
<% end if %>
</td>
<td align="center"><% if (not MM_atTotal) then %>
<a href="<%=MM_moveLast%>">Last</a>
<% end if %>
</td>
</tr>
<tr>
<td colspan="4" align="center"> </td>
</tr>
</table>
</div>
<table width="550" border="0" align="center" cellpadding="2" cellspacing="0">
<% While ((Repeat1__numRows <> 0) and (not RecordSet1.EOF))
Repeat1__numRows = Repeat1__numRows - 1%>
<tr bgcolor="#0E4699">
<td align="center"><div align="left"><span class="style2"><%=RecordSet1.Fields.Item("ID").Value%></span></div></td>
<td align="center"><div align="left"></div></td>
<td colspan="3" rowspan="9" align="center"><div align="left"></div> <div align="left"></div>
<div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div> <div align="left"></div>
<div align="center"><img src="<%=(Recordset1.Fields.Item("image").Value)%>"></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style13">Tel</div></td>
<td align="center"><div align="left" class="style14"><strong><%=(RecordSet1.Fields.Item("ntel").Value)%></strong></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style13">Last Name </div></td>
<td align="center"><div align="left" class="style14"><strong><%=RecordSet1.Fields.Item("lname").Value%></strong></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style13">First Name </div></td>
<td align="center"><div align="left" class="style14"><strong><%=RecordSet1.Fields.Item("fname").Value%></strong></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style14">Initials</div></td>
<td align="center"><div align="left" class="style14"><%=RecordSet1.Fields.Item("init").Value%></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style14">Mobile</div></td>
<td align="center"><div align="left" class="style14"><%=RecordSet1.Fields.Item("mobile").Value%></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style14">Job Title </div></td>
<td align="center"><div align="left" class="style14"><%=RecordSet1.Fields.Item("jobtitle").Value%></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style14">Department</div></td>
<td align="center"><div align="left" class="style14"><%=RecordSet1.Fields.Item("dept").Value%></div></td>
</tr>
<tr bgcolor="#0E4699">
<td align="center"><div align="left" class="style14">Old Number </div></td>
<td align="center"><div align="left" class="style14"><%=RecordSet1.Fields.Item("tel").Value%></div></td>
</tr>
<tr>
<td align="center"> </td>
<td align="center"> </td>
<td colspan="3" align="center"> </td>
</tr>
<%
Repeat1__index = Repeat1__index + 1
RecordSet1.MoveNext()
Wend
%>
</table>
<br>
<table width="50%" border="0" align="center" cellpadding="2" cellspacing="0">
<tr bgcolor="#0E4699" class="style12">
<td width="23%" align="center"> <% if (MM_offset <> 0) then %>
<a href="<%=MM_moveFirst%>">First</a>
<% end if %> </td>
<td width="31%" align="center"> <% if (MM_offset <> 0) then %>
<a href="<%=MM_movePrev%>">Previous</a>
<% end if %> </td>
<td width="23%" align="center"> <% if (not MM_atTotal) then %>
<a href="<%=MM_moveNext%>">Next</a>
<% end if %> </td>
<td width="23%" align="center"> <% if (not MM_atTotal) then %>
<a href="<%=MM_moveLast%>">Last</a>
<% end if %> </td>
</tr>
</table>
<div align="center"><br>
<a href="search.asp" class="style12">Return to Search Page</a></div>
<div align="center"><p><span class="style12">Records <%=(RecordSet1_first)%> to <%=(RecordSet1_last)%> of <%=(RecordSet1_total)%></span>
<% End If
End If%>
<br>
</p>
</div>
</body>
</html>
<%
RecordSet1.Close()
Set RecordSet1 = Nothing
%>