Using magic numbers is this practice: ' (1) BAD BAD BAD rs.Open sql, conn, 0, 1, 1
instead of ' (2) GOOD GOOD GOOD rs.Open sql, conn, adOpenForwardOnly, adLockReadOnly, adCmdText (1) is difficult to glance at and see what it is doing. (2) is easy to glance at and see what it is doing. Lonnie has mischaracterized what I said (as I knew someone would). There has been multiple discussions on this list (many that I participated in) that explained the issues I discussed below. I don't think they shoudl be there for every response, but I do believe that the people that answer most often on this list (of which I know are good people and programmers) shouldn't sacrifice the obvious solution for the not-so-obvious solution. That happened in the majority of the responses in this thread. I AM NOT chastizing anyone...just pointing out that a good thourough examination of the problem should have perks more than just "surround the value with single qutes". This is one of the bedrocks of code debugging and testing. David L. Penton, Microsoft MVP JCPenney Application Specialist / Lead "Mathematics is music for the mind, and Music is Mathematics for the Soul. - J.S. Bach" [EMAIL PROTECTED] Do you have the VBScript Docs or SQL BOL installed? If not, why not? VBScript Docs: http://www.davidpenton.com/vbscript SQL BOL: http://www.davidpenton.com/sqlbol -----Original Message----- From: Roji Thomas [mailto:rojithomas@;hotmail.com] What is that Magic Numbers best practice? I had tried a quick search in Google, but nothing seems to make sense in the context of ASP ----- Original Message ----- From: "Lonnie.Kraemer" <[EMAIL PROTECTED]> > > <just_wondering> > > > > Why is it that 20 some-odd people posted responses and no one > mentioned > > using Replace() (or the possibility of a SQL injection attack) as > well? > > > > </just_wondering> > > > > Promoting best practices should be on the mind of all of us. I am > even > > guilty of this in this scenario. I should have mentioned that even in > > MSAccess you can use a Command object for querydefs or parameterized > queries > > in the VBScript code itself. > > The original post cited only a variable name. It was unknown if it'd > been replaced prior. Nor would it be known of other 'best practices' > such as Option Explicit, Magic Numbers, etc. Are you suggesting that all > 'best practices' be named for every response? --- You are currently subscribed to activeserverpages as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
