Posts Tagged ‘asp’

ASP has a lot of “interesting” features shall we say. I’ve just been working with the dictionary object which is basically an array with named items, so everything has a key and value pair.

There is a method to add elements to it which accepts variables instead of literal text strings (as you would expect of course) but it doesn’t seem to accept variables in array.

For example, this will not work…

totals.Add RSTdata(“id”), 10
Response.Write(totals(RSTdata(“id”)))

However this will work just fine…

idNumber = RSTdata(“id”)
totals.Add idNumber, 10
Response.Write(totals(idNumber))

This isn’t quite as cool as the way ASP decides the forget about some variables but only after you’ve referenced them for the first time creating a rather nice heisenbug when you put in a few print lines but never the less interesting.

Changes are if you are using ASP you will sometime want to write in something into a page without going back into HTML. You can always open an IF then close the ASP script write in your HTML then open the ASP script up again and END IF. However this is not always practical.

When it’s needed

Some WYSIWYG editors will display little ASP icons where ASP scripts are and if you are using one page to house several pages of content then you will want it all to be inside the ASP script so that it doesn’t mess up and stretch the layout of your page.

However if you are opening and closing ASP scripts with HTML in between, all the HTML will display in between all these scripts and will be fully visible on your page rather than being contained in the little ASP script icon.

Another instance would be when you want your HTML content to be in a variable. Say if you wanted to use the same block of HTML script in two places or repeatedly say for a newsletter script then it would be easy if all the HTML was in a variable you could just include anywhere in your ASP script.

Being ASP ready

Most HTML tags will go in the basic format for Response Write in ASP fine as there are no limitations as its al contained within markers to show what is ASP script and what is the content you are setting as a variable. For example:

Response.Write("all the code goes here and its all contained in this area nicely")

The problem is that often in HTML, the quote mark is used. But using one of these ” in a response write ASP command will close the Response Write area and code will be left out and start causing all sorts of errors. For example:

Response.Write("<img src="somepath_is_outside_the_quotes"")

Quoting the problem

How do you contain these problems then? By removing or even adding quotes. The first option is to simply remove all the quotes or as many as you can. This means that it isn’t formatted correctly and W3C won’t be happy with you but they never are anyway ;). It will still work in the user’s browser at any rate.

<img src=somefile.gif width=100 height=200 border=0 />

This code appears fine, and it would display fine. This can then be put between the quotes in a Response Write tag in ASP. Problems do not end there though – what happens if your need spaces in a variable. There you couldn’t use the above tactic.

Spaces and doubles

Take a look at the following code. There may be better examples but this one works fine. Its an image with an ALT tag with some keywords in it.

<img src=somefile.gif border=0 alt="some keywords go here" />

There is a problem. The ALT tag has spaces in, so after some, the browser may think that everything beyond there is something else. And with good reason as we could replace keywords go here with width=50 and we wouldn’t want that to be part of the ALT tag.

The solution it to use double quotes.

<img src=somefile.gif border=0 alt=""some keywords go here"" />

This keeps the ASP code correct and adds a quote into the HTML when it is sent to the browser. It’s a bit longer and more code that usual but you can easily change all the ” to “” with a quick find and replace.

The request function, suprising requests a value. This could be a query string, form variable, or some other value. For example if you were at the following URL.

http://www.somepage.com/home.asp?ID=23

And you had a script as such.

Request.QueryString("ID")

The call would return the value 23.

An example of where this can be used is on the M World News channel. The news is stored dynamically in a databasde so when you click on a link to the full story from the news homepage you are taken to a dynamic page which selects the story based on the ID of the story you want passed to the page as a url variable. For example the link could be:

http://www.mworld.us/news/story.asp?ID=52

Examples of use:

Request.QueryString("SomeURLVariable")
Request.Form("SomeFormElement")
Request.Cookies("SomeCookie")

This is how to do a basic Hello, World! in ASP.

<html>
<head>
<title>Hello World in ASP</title>
</head>
<body>

<%
Response.Write("Hello, World!")
%>

</body>
</html>

There are two parts. The first is the Response, this tells the server that it needs to do something – to send something out as it were. The second part, in this case Write, is what it has to do.

ASP code is added like scripts to HTML. You open an ASP script using the tag.

<%

You close it using the reverse.

%>

Therefore in a HTML page it would look like the following.

<html>
<head>
<title>Example script</title>
</head>
<body>

<%
' here is some ASP script
%>

</body>
</head>

Notice the use of a comment in the script.

<%
' This is an ASP comment
' Here is another
%>

Problem: You are requesting QueryString’s in ASP but nothing happens and the value seems to be empty.

Cause: You cannot use default documents when requesting QueryString’s. For example:

http://www.somefile.com/search/index.asp?q=hello

Would pick up that the query string “q” is set to “hello.” However:

http://www.somefile.com/search/?q=hello

Would not pick up anything despite index.asp being loaded as the default document.

Fix: Enter the full url instead of skipping out the file name.

Building an admin log in system is pretty simple for s small site. You don’t need a username so a password is acceptable for log in and you can writee your password into the code. However because it is an admin section it needs to be fairly secure – no having the password available for any old joe to find in the source code.

The solution – a simple server side script. The password will be in the code but because it is server side is will never reach the end user and so they cannot get hold of it.

For this you will need three pages. A main page, a log in and page and log out page.

index.asp
login.asp
logout.asp

Because we need it to be fairly secure I am going to use a session cookie for the password. Let’s start with the main page.

<%
If Session("adminpassword") <> "dog" Then
Response.Redirect ("login.asp")
End If
%>

<html>
<head>
<title>Admin Homepage</title>
</head>

<body>
<p>Welcome to the admin secction.</p>
</body>
</html>

For this I have chosen the pasword “dog.” If this is not present in a session cookie called adminpassword, the user will be redirected to login.aso. Lets look at that now.

<html>
<head>
<title>Admin Log In</title>
</head>
<p>Please enter the admin password:</p>
<form action="login.asp" method="post" name="login_form" id="login_form">
<input name="password" type="password" id="password" size="40">
<input type="submit" name="Submit" value="Log In">
</form>
</body>
</html>

The first thing I have done is to add a form called “login_form” to allow the user to log in. In the form I have placed a text field called “password” and a submit button so they can type in the password and click submit to log in. This sends the user and the form variable, “password” to login.asp (the same page but reloaded). Now we need to add some server side scripting to the top of the game above the <html> tag.

<%
' checks to see if the password has been submitted
If Request.Form ("password") <> "" Then
' it has so writes in the session cookie
Session ("adminpassword") = Request.Form("password")
' if the user's password is correct they should now be able
' to gain access to the main page
' if they entered an incorrect password they will be
' redirected back here. Because the form variable
' is not sent when they are redirected back here
' they will not be redirected back to index.asp
Response.Redirect ("index.asp")
%>

If the password is incorrect, eg, they entered a password that is different from “dog” eg they entered “cat” it will still be saved in the session variable and the user will still be redirected to index.asp, but because the password is not “dog” they will be redirected back here again.

The fact that the incorrect password is saved in the session cookie allows us to give the user some more information when they are redirected back to login.asp because index.asp won’t give them access.

<%
' if the user is on login.asp but still has a password
' in the session cookie, they must have entered
' and incorrect password
If Session ("adminpassword") <> "" Then
%>
<p>You entered an incorrect password.</p>
<%
End If
%>

You can then insert the script that we placed at the top of index.asp to all the pages you want protecting. To save yourself having to change the script on every protected page when you want to change the password, you could also save the script, by itself, in a separate file and use file include to all the pages you want protecting.

<!--#include file="passwordcheck.asp" -->

You can then just update the script in passwordcheck.asp and all the protected pages would now use the new password.

Finally we need to create a log out page for the user to logout, to stop anyone else getting in after the user is done. This maybe not be needed if you are on a home pc which nobody else has access to but you might want to build one anyway. The log out page is amazingly simple.

<%
Session.Abandon ()
Response.Redirect ("index.asp")
%>

This should log the user out. If the user has not been logged out for some reason they will know because they will gain access to index.asp when they are redirected to it. If the user has been logged out successfully, index.asp will redirect them to login.asp and so they will know they have been logged out.

Now just o make it easier on you I will include the full source code including links, html and asp code, ready for you to copy and paste into your text editor and save as the appropriate files.

index.asp

<%
If Session("adminpassword") <> "dog" Then
Response.Redirect ("login.asp")
End If
%>

<html>
<head>
<title>Admin Homepage</title>
</head>

<body>
<p>Welcome to the admin secction.</p>
<p><a href="logout.asp">Click here to log out.</a></p>
</body>
</html>

login.asp

<%
' checks to see if the password has been submitted
If Request.Form ("password") <> "" Then
' it has so writes in the session cookie
Session ("adminpassword") = Request.Form("password")
' if the user's password is correct they should now be able
' to gain access to the main page
' if they entered an incorrect password they will be
' redirected back here. Because the form variable
' is not sent when they are redirected back here
' they will not be redirected back to index.asp
Response.Redirect ("index.asp")
%>

<html>
<head>
<title>Admin Log In</title>
</head>
<p>Please enter the admin password:</p>
<form action="login.asp" method="post" name="login_form" id="login_form">
<input name="password" type="password" id="password" size="40">
<input type="submit" name="Submit" value="Log In">
</form>
</body>
</html>

logout.asp

<%
Session.Abandon ()
Response.Redirect ("index.asp")
%>

This tutorial will show you how to build a simple hit counter. It does not use any SQL or databases; it stores the hits in a text file.

Allou need to create for this script is your ASP file and a text file. In the text file, simply enter the number 0 and save it in the same directory as count.txt. Take a look at the basic source code.

<%@ Language="VBScript" %>
<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>
<%
if Session("ct") = "" then
fp = Server.MapPath("db\count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>

Now lets break it down into three sections.

<%@ Language="VBScript" %>

This just states that the page is a VB script page.

<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>

This section stops the user refreshing the page to clock up hits.

<%
if Session("ct") = "" then
fp = Server.MapPath("count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>

This is the main section which adds the hits.

fp = Server.MapPath("count.txt")

This tells the server where to find the file. You can modify the file location by changing count.txt. So for instance if you wanted to to be called hitcounter.txt and in the directory db you would use:

fp = Server.MapPath("db\hitcounter.txt")

All you have to do is alter the file path in the quote marks.

Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)

This section opens the file using FileSystemObject and reads the first line. It then sets the variable ct to the amount of hits it has already had.

ct = ct + 1

This line adds one hit to the total number of visitors.

Session("ct") = ct
a.close

This part saves a session variable as the new click through with the new amount of visitors and closes the text file.

Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close

This code creates a new text file over the old one and adds in the new amount of visitors to it. Then it closes the text file.

Now you have a working hit counter. All you need to do is add the hit counter into your page:

You are a visitor number <%=ct%>!

This would display the amount of visitors. Now to save confusion, here is the full source code for the page:

<%@ Language="VBScript" %>
<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>
<%
if Session("ct") = "" then
fp = Server.MapPath("db\count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>
<html>
<body>
You are a visitor number <%=ct%>!
</body>
</html>

Server.MapPath is used to create a file path from a virtual path.

Here’s a typical DNS-less database connection:

Connection = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=C:\wwwroot\users\someaddress\db\data.mdb"

This isn’t much good though if you don’t know the full file path and if you are using a web host the chances are that you won’t know it. So you can use Server.MapPath instead.

Lets say that database is on the internet at the following address. Not that it is a good idea to have your database web accessible of course.

http://www.someaddress.com/db/data.mdb

Instead of having to use the file path as the top you could use a virtual path:

Connection = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=" + Server.MapPath("/db/data.mdb")

This would get the server to “map” a file path to the database from the virtual path you give it. Notice that after DBQ= the tag (“) is closed as you don’t want the server to think + Sever.Map… is part of the file path.

The request function, surprisingly, requests a value. This could be a URL variable, form variable, or some other value. For example if you were at the url.

http://www.somepage.com/home.asp?ID=23

You would use the following code in your script.

Request.QueryString("ID")

The line would then return the value 23.

An example of where this can be used is on the M World News channel. The news is stored dynamically in a database so when you click on a link to the full story from the news homepage you are taken to a dynamic page which selects the story based on the ID of the story you want passed to the page as a url variable. For example the link could be as follows.

http://www.mworld.us/news/story.asp?ID=52

Examples of use

Request.QueryString("SomeURLVariable")
Request.Form("SomeFormElement")
Request.Cookies("SomeCookie")