| This page shows the actual source code used on this site. You can read the article that discusses this code here. If this is the first CYA source code you've seen you should read this overview first.  Did you know you can download all the source code (and the database) of this site? Then get my newsletter to be emailed when I update the source code!
Please spread the word by recommending my site to your friends and colleagues! | This is JScript (server-side JavaScript), not the more common VBScript. More... |
ResultsPage.asp<!--#include file = "include/Startup.asp"-->
<%
// ============================================
// NOTE: all source code downloaded from CoverYourASP was written by
// James Shaw (unless stated otherwise), and is copyright (c) 2000-2002
// by James Shaw. You can use the code for any purpose, but do not
// publish or distribute the content in any way.
//
// See http://CoverYourASP.com/Legal.asp for up-to-date details.
// ============================================
// save the referring URL
var sReferer = "" + Request.ServerVariables ( "HTTP_REFERER" );
// some code to make it safer for testers who dont have referer!
if ( sReferer == "undefined" )
sReferer = 'CategoryPage.asp?cat=Computers+and+Internet&cat=Cyberculture&cat=Cyberpunk';
// get the categories from the URL
var nCategories = Request.QueryString( "cat" ).Count;
// move them into an array for later processing
var sCategories = new Array;
// there should always be two, and only two, categories
if ( nCategories < 2 )
{
// stop weirdo's playing with URL
nCategories = 2;
sCategories [ 0 ] = "Computers and Internet";
sCategories [ 1 ] = "Authors";
}
else
{
var i;
for ( i = 0; i < 2; i++ )
sCategories [ i ] = Request.QueryString( "cat" )( i+1 );
}
// output relevant meta tags
Init( sCategories [ 1 ] );
// output common top of page
Header( '<a href="' + sReferer + '">Categories</a> --> ' + sCategories [ 1 ] );
// output page content
Content ( );
// output common bottom of page
Footer( );
// ============================================
// the content of this page
// ============================================
function Content ( )
{
Out ( '<td valign="top" class="content">' );
Out ( 'The category you chose, <b>' + sCategories [ 1 ] + '</b>, doesn\'t have any sub-categories, so this page should now display the actual contents of that category.' );
Out ( '<p>I haven\'t got any real content of course, but I\'ve simulated some below so I can give you some code for retrieving and displaying the results nicely.' );
Out ( '<p>There are basically two types of content in my scheme. People who\'ve paid me lots of money, and those cheap-skates who haven\'t. The former are shown at the top of the listing, and have an enhanced display, while the latter are shown in what I\'ve called the pigpen style - all crammed in together.' );
// display the category heading
Out ( '<center><h3>' + sCategories [ 1 ] + '</h3>' );
// get the content in this category from the database
//
// this is how it should be done in real life...
// DBGetRecords ( 'SELECT * FROM Content WHERE CategoryID=\'' + sCategories [ 1 ] + '\' AND TopCategoryID=\'' + sCategories [ 0 ] + '\' ORDER BY Purchased;' );
//
//...and this is how I'm going to get some test data!
DBInitConnection ( );
DBGetRecords ( 'SELECT * FROM Content ORDER BY Purchased,ContentID;' );
// find anything?
if ( oRecordSet.EOF )
{
Out ( 'Nothing found!' );
}
else
{
Out ( '<table cellspacing=0 cellpadding=0>' );
var bHR = true; // should I rule off the content?
while ( !oRecordSet.EOF )
{
var bPurchased = 0 + oRecordSet ( "Purchased" );
Out ( '<tr><td align="left">' );
if ( bHR )
{
Out ( '<hr>' );
if ( !bPurchased )
bHR = false;
}
FormatResult ( bPurchased );
oRecordSet.MoveNext();
if ( oRecordSet.EOF )
Out ( '<hr>' );
Out ( '</td></tr>' );
}
Out ( '</table><p>' );
}
DBReleaseConnection ( );
Out ( '<p><a href="' + sReferer + '">Back to the categories..</a>' );
Out ( '<p><a href="ShowSource.asp?page=ResultsPage"><img src="images/source.gif" border=0></a>' );
Out ( '</center></td>' );
Out ( '<td background="images/gx/navgap.gif" valign="top">' );
// show rotating banners
ShowBanners ( 2 );
Out ( '</td>' );
}
// ============================================
// Formats the oRecordSet fields - but ignores some fields if bPurchased
// is false
// ============================================
function FormatResult ( bPurchased )
{
// name
if ( "" + oRecordSet ( "Name" ) != "null" )
Out ( '<b>' + oRecordSet ( "Name" ) + '</b> ' );
// Email (if purchased)
if ( bPurchased && "" + oRecordSet ( "Email" ) != "null" )
{
Out ( '<a href="mailto:' + oRecordSet ( "Email" ) + '?subject=Saw you at CoverYourASP.com!" title="Send an email">Email us <img src="images/mail.gif" border="0" align="top" alt="Email"></a> ' );
}
// address
if ( "" + oRecordSet ( "Address" ) != "null" )
{
if ( bPurchased ) // show link to a map of the address
Out ( '<a href="MapAddress.asp?a=' + Server.URLEncode( oRecordSet ( "Address" ) ) + '" title="View map and directions..">' );
Out ( "" + oRecordSet ( "Address" ) );
if ( bPurchased )
Out ( ' <img src="images/map.gif" border="0" align="top" alt="Map"></a>' );
}
// description (if purchased)
if ( bPurchased && "" + oRecordSet ( "Description" ) != "null" )
Out ( '<br> ' + oRecordSet ( "Description" ) );
}
%> |
utils/Database.asp<%
// ============================================
// NOTE: all source code downloaded from CoverYourASP was written by
// James Shaw (unless stated otherwise), and is copyright (c) 2000-2002
// by James Shaw. You can use the code for any purpose, but do not
// publish or distribute the content in any way.
//
// See http://CoverYourASP.com/Legal.asp for up-to-date details.
// ============================================
// globals
var oConnection;
var oRecordSet;
// enums
// Connection.State and Recordset.State property
var adStateClosed = 0; // the object is closed.
var adStateOpen = 1; // the object is open.
var adStateConnecting = 2; // the object is connecting.
var adStateExecuting = 4; // the object is executing a command.
var adStateFetching = 8; // the rows of the object are being fetched.
// Recordset.Cursor property
var adOpenUnspecified = -1; // does not specify the type of cursor.
var adOpenForwardOnly = 0; // (default) a forward-only cursor, i.e. you get only one pass thru the data!
var adOpenKeyset = 1; // can go in any direction, and as a bonus you'll see changes other users make. EXPENSIVE!
var adOpenDynamic = 2; // as Keyset, but also you can see additions/deletions other users make. EXPENSIVE!
var adOpenStatic = 3; // can go in any direction, but read-only.
// Recordset.LockType property
var adLockUnspecified = -1; // does not specify a type of lock.
var adLockReadOnly = 1; // (default) guess!
var adLockPessimistic = 2; // guaranteed to work
var adLockOptimistic = 3; // records locked only when you call Update. fingers crossed
var adLockBatchOptimistic = 4;// required for batch update mode
var adCmdUnspecified = -1; // Does not specify the command type argument.
var adCmdUnknown = 8; // Default. Indicates that the type of command in the CommandText property is not known.
var adCmdText = 1; // a textual definition of a command or stored procedure call.
var adCmdTable = 2; // a table name whose columns are all returned by an internally generated SQL query.
var adCmdStoredProc = 4; // a stored procedure name.
var adCmdFile = 256; // a persisted Recordset.
var adCmdTableDirect = 512; // a table name whose columns are all returned.
// SchemaEnum - specifies the type of schema Recordset to be retrieved by the OpenSchema method
var adSchemaTables = 20; // returns the tables
var adSchemaForeignKeys = 27 // returns the foreign keys (relationships)
// ============================================
// example usage:
// DBInitConnection ( );
//
// DBGetRecords ( "SELECT * FROM Somewhere" );
//
// ...use oRecordSet
//
// DBReleaseRecords ( ); // optional step
//
// DBGetRecords ( "SELECT * FROM SomewhereElse" );
//
// ...use oRecordSet
//
// DBReleaseRecords ( ); // optional step
//
// DBReleaseConnection ( );
// ============================================
// ============================================
// initializes database variables for first use on page - leave it to the
// last possible second before calling this function
// ============================================
function DBInitConnection ( )
{
// don't open it again if already opened!
if ( oConnection != undefined )
return;
// don't bother trying to open if path is below SSI folders
if ( -1 != sDBPath.indexOf ( '\\utils\\' ) || -1 != sDBPath.indexOf ( '\\include\\' ) )
return;
// you can open Recordset objects without a Connection object, but
// it's far less efficient if you are opening multiple Recordsets.
//
// if you don't create a Connection object ADO creates a new one for
// each new Recordset.Open, even if you use the same connection string.
oConnection = Server.CreateObject( 'ADODB.Connection' );
try
{
// open the database, catching any errors that occur
oConnection.Open( sConnectionString );
}
catch ( e )
{
// display error message, and send email
DatabaseException ( e );
// quit running the script completely
Response.End ( );
}
// create a Recordset
oRecordSet = Server.CreateObject( 'ADODB.Recordset' );
}
// ============================================
// tidies up after DBInitConnection
// ============================================
function DBReleaseConnection ( )
{
// don't release the connection if not connected!
if ( oConnection == undefined )
return;
// close and delete the Recordset object
DBReleaseRecords ( );
oRecordSet = undefined;
// Don't call Close if the Recordset failed to Open properly, i.e. its
// State is still adStateClosed (0)
if ( oConnection.State != adStateClosed )
oConnection.Close();
oConnection = undefined;
}
// ============================================
// executes the passed in SQL statement and returns a read-only
// forward-only oRecordSet object
// ============================================
function DBGetRecords ( sSQL )
{
// if the Recordset is already open, close it
DBReleaseRecords ( );
// I could use oRecordSet = oConnection.Execute( sSQL ) here
// but then I will always get back a read-only, forward-only cursor.
// (admittedly this is the most used type, but still)
// use oRecordSet.Open and I have far more control. For details
// read the definitions of the enums at the top of this file.
//Out ( sSQL );Response.Flush();
try
{
// remember that this can fail if passed garbage, and hence the
// Recordset will remain closed, State == adStateClosed
if ( oConnection )
oRecordSet.Open ( sSQL, oConnection, adOpenForwardOnly, adLockReadOnly );
}
catch ( e )
{
// display error message, and send email
DatabaseException ( e );
// quit running the script completely
Response.End ( );
}
}
// ============================================
// tidies up after DBGetRecords
// ============================================
function DBReleaseRecords ( )
{
// when you have finished with an open Recordset object, call the
// Close method to release its resources. You can call Open again.
// Don't call Close if the Recordset failed to Open properly, i.e. its
// State is still adStateClosed
if ( oRecordSet != undefined && oRecordSet.State != adStateClosed )
oRecordSet.Close();
}
// ============================================
// display exception message, but strip out database path if necessary
// ============================================
function DatabaseException ( e )
{
Out ( '<table bgcolor="#ff0000" cellpadding="20"><tr><td>' );
Out ( '<h4><font color="white">An error has occured while connecting to the database:</font></h4>' );
var sMessage = e.description;
// strip out the database path if present
var nStart = sMessage.indexOf ( sDBPath )
if ( -1 != nStart )
sMessage = sMessage.slice ( 0, nStart ) + '[database path]' + sMessage.slice ( nStart + sDBPath.length );
Out ( '<h4> "' + sMessage + '"</h4>' );
Out ( '<h4><font color="white">Don\'t despair - this problem is probably well-documented in my <a href="http://CoverYourASP.com/Trouble.asp"><font color="white">trouble-shooting</font></a> section.</font></h4>' );
Out ( '</td></tr></table>' );
// make up the message body
var sBody = 'The file "' + Request.ServerVariables ( "URL" ) + '?' + Request.QueryString ( ) + '" generated a database error\n\n';
sBody += 'Referrer: "' + Request.ServerVariables ( "HTTP_REFERER" ) + '".\n';
sBody += 'Browser: "' + Request.ServerVariables ( "HTTP_USER_AGENT" ) + '".\n';
sBody += 'IP address: "' + Request.ServerVariables ( "REMOTE_ADDR" ) + '".\n';
var dateToday = new Date();
sBody += 'Time: "' + dateToday.getHours() + ':' + dateToday.getMinutes() + '".\n';
sBody += sMessage;
// send the email
SendEmail ( 'Database.Exception', 'BadDB@' + sHostDomain, '', 'Reporting exception', sBody );
}
// ============================================
// are we using Jet engine db, or SQL server?
// ============================================
var bUsingJet;
function DBIsJet ( )
{
// for efficiency, only work out if which I'm using
// the first time I'm used on a page.
if ( bUsingJet == undefined )
bUsingJet = ( -1 != sDBDriver.indexOf ( '.Jet.' ) );
return bUsingJet;
}
// ============================================
// wrap date in relevant delimeters depending on db engine
// ============================================
function DBWrapDate ( sDate )
{
return ( DBIsJet ( ) ? '#' + sDate + '#' : '\'' + sDate + '\'' );
}
// ============================================
//
// ============================================
function DBIsNull ( )
{
return ( DBIsJet ( ) ? 'Is Null' : '= null' );
}
// ============================================
// stores dropdown lists in Application variables for use with foreign keys
// ============================================
function DBGatherForeignKeys ( )
{
if ( !Application ( 'GatheredForeignKeys' ) )
{
DBInitConnection ( );
bDebug = true;
oRecordSet = oConnection.OpenSchema ( adSchemaForeignKeys );
var nFields = oRecordSet.Fields.Count;
var bHeaders = false;
var sRefTables = new Array;
var sRefColumns = new Array;
var sForeignTables = new Array;
var sForeignColumns = new Array;
var nForeign = 0;
while ( !oRecordSet.EOF )
{
if ( IsDebug ( ) )
{
if ( !bHeaders )
{
Out ( '<table border="1"><tr>' );
for ( i=0; i<nFields; i++ )
Out ( '<td>' + oRecordSet.Fields ( i ).Name + '</td>' );
Out ( '</tr>' );
bHeaders= true;
}
Out ( '<tr>' );
for ( i=0; i<nFields; i++ )
Out ( '<td>' + oRecordSet ( i ) + '</td>' );
Out ( '</tr>' );
}
sRefTables [ nForeign ] = '' + oRecordSet ( 'FK_TABLE_NAME' );
sRefColumns [ nForeign ] = '' + oRecordSet ( 'FK_COLUMN_NAME' );
sForeignTables [ nForeign ] = '' + oRecordSet ( 'PK_TABLE_NAME' );
sForeignColumns [ nForeign++ ] = '' + oRecordSet ( 'PK_COLUMN_NAME' );
oRecordSet.MoveNext ( );
}
if ( bHeaders )
DebugOut ( '</table>' );
for ( i=0; i<nForeign; i++ )
{
DBGetRecords ( 'SELECT * FROM ' + sForeignTables [ i ] );
try
{
var sList = '<select name="' + sRefColumns [ i ] + '">';
var sForeignColumn = sForeignColumns [ i ];
while ( !oRecordSet.EOF )
{
// I assume that the second field is
// the one to show in dropdown list
sList += '<option value="' + oRecordSet ( sForeignColumn ) + '">' + oRecordSet ( 1 ) + '</option>';
oRecordSet.MoveNext ( );
}
sList += '</select>';
Application ( sRefTables [ i ] + ':' + sRefColumns [ i ] ) = sList;
DebugOut ( '<p>Created ' + sRefTables [ i ] + ':' + sRefColumns [ i ] );
DebugOut ( '<p>' + sRefColumns [ i ] + '=' + sForeignTables [ i ] + ':' + sForeignColumn + ' output:'+ Server.HTMLEncode ( sList ) + sList );
}
catch ( e )
{
DebugOut ( '<p>Failed to create dropdown list for ' + sRefTables [ i ] + ':' + sRefColumns [ i ] );
}
}
DBReleaseConnection ( );
Application ( 'GatheredForeignKeys' ) = true;
}
}
// ============================================
// display (not editable) recordset column value
// ============================================
function DBDisplayValue ( oRecordSet, sTableName, nColumn )
{
var sColumnName = oRecordSet.Fields ( nColumn ).Name;
var oValue = oRecordSet ( nColumn );
// get dropdown list if a foreign key
var sHTML = Application ( sTableName + ':' + sColumnName );
// DebugOut ( '<p>Application ( ' + sTableName + ':' + sColumnName + '=' + sHTML );
if ( sHTML )
{
// disable control
var nIndex = sHTML.indexOf ( ' name' );
if ( nIndex != -1 )
sHTML = sHTML.slice ( 0, nIndex ) + ' disabled' + sHTML.slice ( nIndex );
// place 'selected' in the correct spot
var nIndex = sHTML.indexOf ( ' value="' + oValue );
if ( nIndex != -1 )
sHTML = sHTML.slice ( 0, nIndex ) + ' selected' + sHTML.slice ( nIndex );
}
else
{
// show prettier dates
if ( oValue.Type == 7/*date*/ )
sHTML = FormatDateDMY ( oValue );
else
sHTML = "" + Server.HTMLEncode ( '' + oValue );
// for brevity show the first x characters only
if ( sHTML.length > 35 )
sHTML = sHTML.slice ( 0, 35 ) + '...';
}
return sHTML;
}
// ============================================
// display editable recordset column value
// ============================================
function DBEditValue ( oRecordSet, sTableName, nColumn )
{
var sColumnName = oRecordSet.Fields ( nColumn ).Name;
var oValue = oRecordSet ( nColumn );
// get dropdown list if a foreign key
var sHTML = Application ( sTableName + ':' + sColumnName );
// DebugOut ( '<p>Application ( ' + sTableName + ':' + sColumnName + '=' + sHTML );
if ( sHTML )
{
// place 'selected' in the correct spot
var nIndex = sHTML.indexOf ( ' value="' + oValue );
if ( nIndex != -1 )
sHTML = sHTML.slice ( 0, nIndex ) + ' selected' + sHTML.slice ( nIndex );
}
else
{
// show prettier dates
if ( oValue.Type == 7/*date*/ )
sHTML = FormatDateDMY ( oValue );
else
sHTML = "" + Server.HTMLEncode ( '' + oValue );
sHTML = '<input type="text" name="' + sColumnName + '" size="45" value="' + sHTML + '">';
}
return sHTML;
}
// ============================================
// return value with ' replaced by SQL-safe ''
// ============================================
function DBEncode ( sValue )
{
return sValue.replace ( /\'/g, '\'\'' );
}
%>
|
The Content tableThe layout of the table is simple, but the entire database is contained in the download! 
Hopefully much of this is self-explanatory. If not, or if you see ways that I can improve the code, please drop me a line. To see the source code for this page, click on the icon below. | |
