<% phonenumber=Request.Form("phonenumber") idusage=Request.Form("idusage") minutes=format(Request.Form("minutes")) messages=format(Request.Form("messages")) date1=format(Request.Form("date1")) date2=format(Request.Form("date2")) date3=format(Request.Form("date3")) ' Function that converts to universal format yyyy/mm/dd Function dbDate(dt) dbDate = year(dt) &"/"& right("0" & month(dt), 2) &_ "/"& right("0" & day(dt),2) End Function ' Function that eliminates singles "'" and spaces in input strings ' And some other things to avoid SQL injection attacks Function format(st) dim stnew stnew = st stnew = Replace(stnew,"'","''") stnew = Replace(stnew,"""","") stnew = Replace(stnew,"--","") stnew = Replace(stnew,"DELETE","") stnew = Replace(stnew,"UPDATE","") stnew = Replace(stnew,"DROP","") stnew = Replace(stnew,"SELECT","") stnew = Replace(stnew,"INSERT","") stnew = Server.HTMLEncode(stnew) format = Trim(stnew) End Function Set connection = Server.CreateObject("ADODB.Connection") connection.Open("customers") udate=date1&"/"&date2&"/"&date3 SQL="UPDATE Usage SET Usage_Date=#"&dbDate(udate)&"#,Minutes='"&minutes&"',Messages='"&messages&"' WHERE ID_Usage like '"&idusage&"';" connection.Execute(SQL) %> Cellular Advice NI LTD

Update Usage.

<% Response.Write("

Success. Data was updated correctly in the database.
") Response.Write("
Click here to list the usage of the phone

") %>

 

 

©2005 Cellular Advice NI LTD

<% connection.Close() %> e-REdING. Biblioteca de la Escuela Superior de Ingenieros de Sevilla.


SISTEMA DE INFORMACIÓN INTEGRAL PARA EMPRESAS APLICANDO TECNOLOGÍAS DE INFORMACIÓN Y VPNS

: Salvago Hidalgo, Raúl
: Ingeniería Telecomunicación
Contenido del proyecto:
Directorio raíz  >  Sitio Web  >  usage  >  updateusage.asp