CodingForums.com - View Single Post

MrJL · 06-28-2002, 11:12 PM

Ok, the base of my code is Ocean12 ASP Mailing List Manager. The free version of the script has it's limitations, so I'm attempting add a feature here & there on my own.

As it stands, when you sign up for the Newsletter, it adds your e-mail to the database and that's it. The next step is I send a mailing to the list and get bounced e-mails for the people that say their e-mail address has a coma in it or that don't give me the "@yahoo.com" portion of their address.

Rather than get 5-10 bounced e-mails at once, I'd rather 'weed them out' as I go. And provide a security feature into the script. The database table looks like this at Download:

ID | EMail | First Name | Last Name | Date Joined

I've added a sixth column to the table, "Conf" which is a Yes/No field. Either it's "true" or it's "false". I should mentioned, I'm running off of Access. By default, when a user signs up, the Conf field is set to 'False'. For all intents and purposes, this means they haven't "Confirmed" their subscription yet.

At this point, and e-mail is sent to the directing them to a particular URL which will 'confirm' their subscription. I've skipped the automated e-mail for now, because I'm working on the page it directs them to first.

This is where my problem comes in. To keep the the confirmation process somewhat secure, I'm directing them to "confirm.asp?Email=jer@jers-web.com" for instance, without the () of course.

However, it's returning Syntax error (missing operator) in query expression 'Email = jer@jers-web.com'. The code I'm using follows:

Code:

********Included Page, Cannot Edit Start********
<%
dim dsn
dim Conn
dsn="DBQ=" & Server.Mappath("/fpdb/o12mail.mdb") & ";Driver={Microsoft Access Driver (*.mdb)};"
Set Conn = Server.CreateObject("ADODB.Connection")
Conn.Open dsn
%>
********Included Page, Cannot Edit End**********

<%
Dim strSql, infoRS

Email = Request.QueryString("Email")
%>

<%
IF Len(Email) > 0 THEN
	GetImage()
	DisplayGood()
ELSE
	DisplayBad()
END IF

%>

<% Sub GetImage()
	strSql = "SELECT * FROM List WHERE Email = " & Email & ";"
	set infoRS = Conn.Execute(strSql) 
End Sub %>

<% Sub DisplayGood() %>

<html>

<head>
</head>

<body>

<%= infoRS("Email") %><br><%= infoRS("Name_First") %><br><%= infoRS("Conf") %>
</body>

</html>
<!--#include file="dsn2.asp"-->

<% End Sub %>

<% Sub DisplayBad() %>
<html>

<head>
</head>

<body>
This is a Bad Display
</body>

</html>
<!--#include file="dsn2.asp"-->
<% End Sub %>

Can I have an e-mail address in the URL like that? It's picking out "line 21" on the error, which is this line "set infoRS = Conn.Execute(strSql)". Any ideas?

Any help is much appreciated! :-)

Thanks!

Jer!

06-28-2002, 11:12 PM	PM User \| #1
MrJL New Coder Join Date: Jun 2002 Location: Central Ohio Posts: 34 Thanks: 0 Thanked 0 Times in 0 Posts	Confirm Subscription Ok, the base of my code is Ocean12 ASP Mailing List Manager. The free version of the script has it's limitations, so I'm attempting add a feature here & there on my own. As it stands, when you sign up for the Newsletter, it adds your e-mail to the database and that's it. The next step is I send a mailing to the list and get bounced e-mails for the people that say their e-mail address has a coma in it or that don't give me the "@yahoo.com" portion of their address. Rather than get 5-10 bounced e-mails at once, I'd rather 'weed them out' as I go. And provide a security feature into the script. The database table looks like this at Download: ID \| EMail \| First Name \| Last Name \| Date Joined I've added a sixth column to the table, "Conf" which is a Yes/No field. Either it's "true" or it's "false". I should mentioned, I'm running off of Access. By default, when a user signs up, the Conf field is set to 'False'. For all intents and purposes, this means they haven't "Confirmed" their subscription yet. At this point, and e-mail is sent to the directing them to a particular URL which will 'confirm' their subscription. I've skipped the automated e-mail for now, because I'm working on the page it directs them to first. This is where my problem comes in. To keep the the confirmation process somewhat secure, I'm directing them to "confirm.asp?Email=jer@jers-web.com" for instance, without the () of course. However, it's returning Syntax error (missing operator) in query expression 'Email = jer@jers-web.com'. The code I'm using follows: Code: ******Included Page, Cannot Edit Start****** <% dim dsn dim Conn dsn="DBQ=" & Server.Mappath("/fpdb/o12mail.mdb") & ";Driver={Microsoft Access Driver (.mdb)};" Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open dsn %> *****Included Page, Cannot Edit End******** <% Dim strSql, infoRS Email = Request.QueryString("Email") %> <% IF Len(Email) > 0 THEN GetImage() DisplayGood() ELSE DisplayBad() END IF %> <% Sub GetImage() strSql = "SELECT * FROM List WHERE Email = " & Email & ";" set infoRS = Conn.Execute(strSql) End Sub %> <% Sub DisplayGood() %> <html> <head> </head> <body> <%= infoRS("Email") %><br><%= infoRS("Name_First") %><br><%= infoRS("Conf") %> </body> </html> <!--#include file="dsn2.asp"--> <% End Sub %> <% Sub DisplayBad() %> <html> <head> </head> <body> This is a Bad Display </body> </html> <!--#include file="dsn2.asp"--> <% End Sub %> Can I have an e-mail address in the URL like that? It's picking out "line 21" on the error, which is this line "set infoRS = Conn.Execute(strSql)". Any ideas? Any help is much appreciated! :-) Thanks! Jer! __________________ Jers-Web, Inc. Ever seen 49,825 Alert Boxes on one page? I have!