...

View Full Version : incomplete data



mivec
08-17-2005, 09:09 PM
hi all,
i have a text area which u knw..u can write lots of stuff there but when it's inserted into the db, i only have one word which is the first word....what happen to the long sentence(s) which i have typed in?

cheers

Roelf
08-17-2005, 09:32 PM
does it have anything to do with the fieldlength defined in the database??

Freon22
08-17-2005, 09:33 PM
I think it would help if you posted some code :) .

mivec
08-18-2005, 10:24 AM
hi guys...ok...will post the code here:

this is the initial page where user types in their stuff(eventUpload.asp):



<form method="post" action="eventConfirm.asp" name="evUpload">
<table width="100%" border="0">
<tr>
<td align="center" class="white" valign="top" width="13%"><hr><br>
<u><font color="#FFFF00">MENU</font></u> <br>
<br>
<a href="eventView.asp">View Event</a><br>
<br>
<a href="#">Upload Event</a><br>
<br>Delete Events<br><br>Edit Events<br><br><hr></td>
<td width="87%"><table width="92%" border="0" align="center" class="forumline" cellspacing="1" cellpadding="4">
<tr>
<td height="30" colspan="2" align="center" class="rowbg">Events Upload</td>
</tr>
<tr>
<td width="30%" height="22" class="row1">Event Title :</td>
<td width="60%" class="row2">
<input type="text" name="txtEvName" size="80">
<font color="#FF0000"><b>**</b></font> </td>
</tr>
<tr>
<td width="30%" class="row1">Event Venue :</td>
<td width="60%" class="row2"><input type="text" name="txtEvLocation" size="80">
<font color="#FF0000"><strong>**</strong></font></td>
</tr>
<tr>
<td width="30%" class="row1">Event Speaker :</td>
<td width="60%" class="row2"><input type="text" name="txtEvHandler" size="40">
<font color="#FF0000"><strong>**</strong></font></td>
</tr>
<tr>
<td width="30%" class="row1">Event Date : </td>
<td width="60%" class="row2">
<input type="text" name="txtEvDate" size="40">
<strong><font color="#FF0000">**</font></strong></td>
</tr>
<tr>
<td width="30%" class="row1">Event Sysnopsis :</td>
<td width="60%" class="row2"><textarea name="txtaSysnopsis" cols="78" rows="4"></textarea></td>
</tr>
<tr>
<td width="30%" class="row1">Event SignUp : </td>
<td width="60%" class=row2 align=left><input type="text" name="txtSign" size="80"></td>
</tr>
<tr>
<td width="30%" class="row1">Event Weblink : </td>
<td width="60%" class=row2 align=left><input type="text" name="txtWeblink" size="80"></td>
</tr>
<!--<tr>
<td width="30%" class="row1">Event Image : </td>
<td width="60%" class=row2 align=left><input name="urlFile" type="file" size="50"> </td>
</tr>-->
<tr>
<td width="30%" class="row1">Event Content Color : </td>
<td width="60%" class="row2" align="left"><input id="pick1123677243field" size="9" onChange="relateColor('pick1123677243', this.value);" title="color" name="txtCol">
<a href="javascript:pickColor('pick1123677243');" id="pick1123677243"
style="border: 1px solid #000000; font-family:Verdana; font-size:10px;
text-decoration: none;">&nbsp;&nbsp;&nbsp;</a>
<script language="javascript">relateColor('pick1123677243', getObj('pick1123677243field').value);</script>
(Click the small box for border color)</td>
</tr>
<!--<tr><td colspan="2">&nbsp;</td></tr> -->
<tr><td colspan="2" align="center" class="row4">
<input type="submit" name="btnSend" value="Send">&nbsp;
<input type="reset" name="btnReset" value="Reset"> </td>
</tr>
</table></td>
</tr>
</table>
</form>


this is the 2nd page where the values are stored in the hidden input tags(eventConfirm.asp):



<form method="post" action="eventDone.asp" name="uploadOK">
<input type="submit" name="btnSend" value="Send">
<input type="hidden" name="txtEvName" value=<%=request.form("txtEvName")%>>
<input type="hidden" name="txtEvLocation" value=<%=request.form("txtEvLocation")%>>
<input type="hidden" name="txtEvHandler" value=<%=request.form("txtEvHandler")%>>
<input type="hidden" name="txtEvDate" value=<%=request.form("txtEvDate")%>>
<input type="hidden" name="txtaSysnopsis" value=<%=request.form("txtaSysnopsis")%>>
<input type="hidden" name="txtSign" value=<%=request.form("txtSign")%>>
<input type="hidden" name="txtWeblink" value=<%=request.form("txtWeblink")%>>
<input type="hidden" name="txtCol" value=<%=request.form("txtCol")%>>
</form>


this is where the data's are inserted to the db(eventDone.asp)


<%@ LANGUAGE="VBSCRIPT" %>
<% OPTION EXPLICIT
Response.expires = 0 %>
<!-- #include file = "adovbs.inc" -->
<!-- including the function definition file -->
<!-- #include file = "FuncDef.asp" -->
<!-- This file is to update the database after the confirmation -->

<!-- This page confirms that the user's account has been created -->
<!-- This coding inserts the user's details into the database -->

<%
Dim SQLTxt
Dim ran
Dim intRan

Randomize()

ran = 987654321 * Rnd()
intRan = Int(ran)

SQLTxt = "SELECT * from tEvents WHERE evTitle = '" & request.form("txtEvName") & "';"

OpenMyDB dbfile, SQLTxt

DBRecordset.addnew
DBRecordset("evID") = intRan
DBRecordset("evTitle") = request.form("txtEvName")
DBRecordset("evVenue") = request.form("txtEvLocation")
DBRecordset("evSpeaker") = request.form("txtEvHandler")
DBRecordset("evDate") = request.form("txtEvDate")
DBRecordset("evSynopsis") = request.form("txtaSysnopsis")
DBRecordset("evSignUp") = request.form("txtSign")
DBRecordset("evWebLink") = request.form("txtWeblink")
DBRecordset("evBorderColor") = request.form("txtCol")
DBRecordset.Update

CloseMyDB
%>


the problem is this for everyone of them, whenever a space is encountered...the rest of the characters does not go in...only what is BEFORE the space..here is a snapshot of the record of the db.i'll attach it..so, whats the problem??going nuts here... :(

i will attach the database snapshot here also.see attachment

mivec
08-19-2005, 01:27 AM
anyone?? i myself is also shocked by what went in...only just one word of a WHOLE sentence....that means it only inserts anything BEFORE meeting the space(which is only one word for this case).help.....anyone....pls....

:(

miranda
08-19-2005, 02:47 AM
i am betting that there was an apostrophe aka single quote used in the string. You need to use the replace function below to allow the full string to be inserted.

replace lone apostrophe with two apostrophes
Replace(yourString, "'", "''")

or replace with ascii character code like below just remove the spaces
in & # 39;

Replace(yourString, "'", "& # 39;")
or you can add this function to prevent sql interjection attacks

Private Function preventInjection(ByRef theString)
theString = Replace(theString, "'", "''") 'removes lone apostrophe's '
theString = Replace(theString, ";", "") 'removes semicolon
theString = Replace(theString, "--", "") 'removes double dash sql comment
preventInjection = theString
End Function

Freon22
08-19-2005, 03:31 AM
Have you tryed to do a Response.Write(request.form("txtaSysnopsis")) on page two to see if you have your full textarea at that point? I see that you are putting your textarea into a hidden form. I did some looking around and I don't see anything wrong with do that.



<input type="hidden" name="txtaSysnopsis" value=<%=request.form("txtaSysnopsis")%>>

But I am slow I think miranda has hit it.

glenngv
08-22-2005, 12:43 PM
I did some looking around and I don't see anything wrong with do that.



<input type="hidden" name="txtaSysnopsis" value=<%=request.form("txtaSysnopsis")%>>

There is something wrong with it.

<input type="hidden" name="txtaSysnopsis" value="<%=Server.HTMLEncode(request.form("txtaSysnopsis"))%>">
The value should be enclosed in quotes and must be HTML encoded.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum