hey all -
i was hoping someone here could figure this out...
my update is returning a -1. I'm trying to insert into a memo field (A2K), and what's getting stored is a -1.
I've printed out the sql statement, and got what looks perfect:
the above code runs in query analyzer (or whatever access calls it) perfectly fine.
I've cut and paste my entire page below. I'm thinking it has something to do with permissions, but my setup doesn't have any permissions (Win98, PWS, Access 2K, MDAC 2.5)
The reason I think this is because it won't let me do an insert either....
any suggestions?
TIA - leo
------------
Leo Mendoza
lmendoza@garbersoft.net
i was hoping someone here could figure this out...
my update is returning a -1. I'm trying to insert into a memo field (A2K), and what's getting stored is a -1.
I've printed out the sql statement, and got what looks perfect:
Code:
UPDATE users SET profile = 'testing the update i''m doing' AND password = 'mypass' AND email = 'test@hotmail.com' WHERE userpk = 2the above code runs in query analyzer (or whatever access calls it) perfectly fine.
I've cut and paste my entire page below. I'm thinking it has something to do with permissions, but my setup doesn't have any permissions (Win98, PWS, Access 2K, MDAC 2.5)
The reason I think this is because it won't let me do an insert either....
any suggestions?
Code:
<%Option Explicit
Response.buffer = true
Dim pk, un
pk = Session("userpk")
un = Session("username")
if pk = "" or un = "" then
Response.Redirect("login.asp")
end if
Sub main(update,pw,pr,em,oldpw)
Dim c, r
Set c = Server.CreateObject("ADODB.Connection")
Set r = Server.CreateObject("ADODB.Recordset")
c.Open CN_STRING
r.ActiveConnection = c
if update then
r.Open "SELECT userpk, password FROM users WHERE password = '" & replace(oldpw,"'","''") & "' " & _
"AND userpk = " & pk
if r.EOF then
Response.write "The password you supplied was incorrect. Please try again"
else
if pw = "" then
pw = r("password")
end if
pw = replace(pw,"'","''")
if pr = "" then
pr = " "
end if
pr = replace(pr,"'","''")
Response.write pr
Dim sql
sql = "UPDATE users SET profile = '" & pr & "' AND password = '" & pw & "' AND " & _
"email = '" & replace(em,"'","''") & "' WHERE userpk = " & pk
Response.write sql & "<hr />"
Response.Write "<p>Your information has been updated </p><p><a href=""memberhome.asp"">members home</a></p>"
end if
else
r.Open "SELECT email,profile FROM users WHERE userpk = " & pk
if r.EOF then
Response.write "We are currently having problems trying to get your information. Please <a href=""login.asp"">login again</a>"
else
Response.write "<form name=""update"" action=""editinfo.asp"" method=""post"">" & _
"<table cellpadding=""4"" cellspacing=""0"" border=""0"">" & _
"<input type=""hidden"" name=""update"" value=""true"" />" & _
"<tr><td>Username:</td><td>" & un & "</td></tr>" & _
"<tr><td>Email:</td><td><input type=""text"" class=""tb"" name=""em"" size=""20"" value=""" & r("email") & """ maxlength=""255""</td></tr>" & _
"<tr><td>New password:</td><td><input type=""password"" name=""pw"" size=""16"" maxlength=""50"" class=""tb"" />" & _
"<tr><td>Retype password:</td><td><input type=""password"" name=""retype"" size=""16"" maxlength=""50"" class=""tb"" />" & _
"<tr><td colspan=""2"">Quote:<br /> <textarea name=""pr"" cols=""40"" rows=""10"" class=""tb"">" & r("profile") & "</textarea></td></tr>" & _
"<tr align=""right""><td colspan=""2"">old password: <input type=""password"" size=""16"" maxlength=""50"" class=""tb"" name=""oldpass"" />" & _
"<br><input type=""reset"" value=""reset"" class=""tb"" /><input type=""submit"" value=""change"" class=""btn"" /></td></tr></table>"
end if
end if
r.Close
c.Close
Set r = Nothing
Set c = Nothing
End sub
%>
<!--#include file="includes\cninfo.asp" -->
<!--#include file="includes\header.asp" -->
<%Call main(CBool(Request.Form("update")),Request.Form("pw"), _
Request.Form("pr"), Request.Form("em"), Request.Form("oldpass")) %>
<!--#include file="includes\footer.asp" -->TIA - leo
------------
Leo Mendoza
lmendoza@garbersoft.net
