Thanks for the tip!
Mischa Kroon <[EMAIL PROTECTED]> wrote:ehm, guys this isn't a wise thing to do.
If you do it this way please do someting like this:
Dim strSQL as string = "select * from publishers where PubID=" &
cint(Request.Querystring("PubID"))
to make sure that someone doesn't do this:
publisher.aspx?PubID=1=1;delete * from publisher;--
Don't trust input which can be altered please.
----- Original Message -----
From: "Anna Leon" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, October 24, 2005 8:47 PM
Subject: Re: [AspNetAnyQuestionIsOk] Edit Form on 2 pages
> Thank you!
>
> Mark E <[EMAIL PROTECTED]> wrote:Pass your PubID in the querystring
> to the second page and this would work:
>
> Dim strSQL as string = "select * from publishers where PubID=" &
> Request.Querystring("PubID")
>
> Mark
>
> sas0riza <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I have a datagrid that show all records and hyperlink to a record in
> a database.
>
> When I click on a hyperlink, I am taken to a second page where I can
> do the editing.
>
>
> I have one question though...on my second page (where I do the
> editing), how should I write the WHERE clause?
>
> e.g.
>
> If NOT IsPostBack Then
>
> Dim strConn as string =_
>
> Dim strSQL as string = "select * from publishers where PubID=?"
>
>
> Any help is greatly appreciated.
>
> Thanks!
>
>
>
>
>
> SPONSORED LINKS
> Basic programming language Computer programming languages Programming
> languages Java programming language
>
> ---------------------------------
> YAHOO! GROUPS LINKS
>
>
> Visit your group "AspNetAnyQuestionIsOk" on the web.
>
> To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
>
>
> ---------------------------------
>
>
>
>
> [Non-text portions of this message have been removed]
>
>
>
> SPONSORED LINKS
> Basic programming language Computer programming languages Programming
> languages Java programming language
>
> ---------------------------------
> YAHOO! GROUPS LINKS
>
>
> Visit your group "AspNetAnyQuestionIsOk" on the web.
>
> To unsubscribe from this group, send an email to:
> [EMAIL PROTECTED]
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
>
>
> ---------------------------------
>
>
>
>
>
> ---------------------------------
> Yahoo! FareChase - Search multiple travel sites in one click.
>
> [Non-text portions of this message have been removed]
>
>
>
>
>
> Yahoo! Groups Links
>
>
>
>
>
>
---------------------------------
YAHOO! GROUPS LINKS
Visit your group "AspNetAnyQuestionIsOk" on the web.
To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
---------------------------------
---------------------------------
Yahoo! FareChase - Search multiple travel sites in one click.
[Non-text portions of this message have been removed]
------------------------ Yahoo! Groups Sponsor --------------------~-->
Get Bzzzy! (real tools to help you find a job). Welcome to the Sweet Life.
http://us.click.yahoo.com/A77XvD/vlQLAA/TtwFAA/saFolB/TM
--------------------------------------------------------------------~->
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/AspNetAnyQuestionIsOk/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
