A client's website has stopped working on a Fasthosts (UK) hosted website. The core of the website is over 10 years old and is written in ASP. I am currently getting it converted to PHP for security and sanity reasons. I just need a quick fix until this is done.I am retrieving data from the database OK and writing new records.
I am using a form to enter the details:
<form method="POST" action="<%=MM_editAction%>" name="form1">
<div align="center">
<h2 style="text-align: center">Enter the New Vehicle's Details</h2>
<table width="500" border="0" align="center" cellpadding="2" cellspacing="2">
<tr bgcolor="#CCCCCC">
<td bgcolor="#CCCCCC" class="tableleft">Marque</td>
<td bgcolor="#FFFFFF" class="tableright"><input name="Marque" type="text" value="" size="32">
These details are then passed back to the same page using:
<input type="hidden" name="MM_insert" value="form1">
<td><input type="submit" value="Insert record"></td>
<%If (CStr(Request("MM_insert")) = "form1") Then...
Then the form contents are converted to variables and inserted using the following statement:
sql_insert = "INSERT INTO tblCarList ([Marque], [Category], [Model], [VYear], [Miles], [Description1], [Description2], [Description3], [Description4], [Description5], [Description6], [Description7], [Description8], [Description9], [Description10], [Description11], [Description12], [Description13], [Price], [Sold], [Pic1], [Pic2], [Pic3], [Pic4], [VActive]) VALUES ('" & Replace(iMarque,"'","''") & "', '" & iCategory & "', '" & Replace(iModel,"'","''") & "', '" & Replace(iVYear,"'","''") & "', '" & Replace(iMiles,"'","''") & "', '" & Replace(iDescription1,"'","''") & "', '" & Replace(iDescription2,"'","''") & "', '" & Replace(iDescription3,"'","''") & "', '" & Replace(iDescription4,"'","''") & "', '" & Replace(iDescription5,"'","''") & "', '" & Replace(iDescription6,"'","''") & "', '" & Replace(iDescription7,"'","''") & "', '" & Replace(iDescription8,"'","''") & "', '" & Replace(iDescription9,"'","''") & "', '" & Replace(iDescription10,"'","''") & "', '" & Replace(iDescription11,"'","''") & "', '" & Replace(iDescription12,"'","''") & "', '" & Replace(iDescription13,"'","''") & "', '" & Replace(iPrice,"'","''") & "', '" & Replace(iSold,"'","''") & "', '" & Replace(iPic1,"'","''") & "', '" & Replace(iPic2,"'","''") & "', '" & Replace(iPic3,"'","''") & "', '" & Replace(iPic4,"'","''") & "', '" & Replace(iVActive,"'","''") & "')"
This works fine but when I use the same page to update a record but change the SQL statement to:
sql_replace = "REPLACE INTO tblCarList ([Marque], [Category], [Model], [VYear], [Miles], [Description1], [Description2], [Description3], [Description4], [Description5], [Description6], [Description7], [Description8], [Description9], [Description10], [Description11], [Description12], [Description13], [Price], [Sold], [Pic1], [Pic2], [Pic3], [Pic4], [VActive]) VALUES ('" & Replace(iMarque,"'","''") & "', '" & iCategory & "', '" & Replace(iModel,"'","''") & "', '" & Replace(iVYear,"'","''") & "', '" & Replace(iMiles,"'","''") & "', '" & Replace(iDescription1,"'","''") & "', '" & Replace(iDescription2,"'","''") & "', '" & Replace(iDescription3,"'","''") & "', '" & Replace(iDescription4,"'","''") & "', '" & Replace(iDescription5,"'","''") & "', '" & Replace(iDescription6,"'","''") & "', '" & Replace(iDescription7,"'","''") & "', '" & Replace(iDescription8,"'","''") & "', '" & Replace(iDescription9,"'","''") & "', '" & Replace(iDescription10,"'","''") & "', '" & Replace(iDescription11,"'","''") & "', '" & Replace(iDescription12,"'","''") & "', '" & Replace(iDescription13,"'","''") & "', '" & Replace(iPrice,"'","''") & "', '" & Replace(iSold,"'","''") & "', '" & Replace(iPic1,"'","''") & "', '" & Replace(iPic2,"'","''") & "', '" & Replace(iPic3,"'","''") & "', '" & Replace(iPic4,"'","''") & "', '" & Replace(iVActive,"'","''") & "')"
I receive a Server 500 error.
The ID field is a Primary Key but the record is chosen using a passed URL variable:
<%
Dim thevehicle
Dim thevehicle_numRows
Dim tvSQLsource
Dim tvSQLid
Dim tvSQLstring
tvSQLsource = "SELECT * FROM tblCarList WHERE ID = "
tvSQLid = Request.Querystring("ID")
tvSQLstring = tvSQLsource & tvSQLid
Set thevehicle = Server.CreateObject("ADODB.Recordset")
thevehicle.ActiveConnection = MM_database_STRING
thevehicle.Source = tvSQLstring
thevehicle.CursorType = 0
thevehicle.CursorLocation = 2
thevehicle.LockType = 1
thevehicle.Open()
thevehicle_numRows = 0
%>
The database connection string is:
<!-- #include virtual = "/my_db/adovbs.inc" -->
<%
' Path to Databases
Dim MM_database_STRING, MM_database_STRINGPath, MM_database_STRINGPathBlank
MM_database_STRING = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" + Server.MapPath("\my_db\car_database_new.mdb")
MM_database_STRINGPath = Server.MapPath("\my_db\car_database_new.mdb")
%>
Any help with this would be appreciated as I haven't kept up to date on coding for over 10 years.
What I have tried:
I have changed the form and variable names from the new record page when creating the update record page.