Previous Article
Send Email using ASP Classic and CDOSYS
SELECT Statement, INSERT Statement, UPDATE Statement, DELETE Statement, in ASP using Parameter's, in the combat against SQL & XSS INJECTION
Next Article
ASP Classic Linkify - Convert text links into Clickable URLs
Coding Article #: 39 - Published On: July 27, 2012 @ 13:01:42 PM - Last Updated on: January 11, 2016
This article has been Favorited 44 times
Join today, and add this to your favorites.
Coding Source - Share on MySpace Coding Source - Share With Facebook Coding Source - Share on Twitter Coding Source - Share on Reddit Coding Source - Share on Digg It Coding Source - Share on Stumble Upon It Coding Source - Share on Delicious
Share With Friends (Updated 6-8-2010)

Supported Files
Support Files! (Members Only)
Login (or) Register today!
Decompress with
Download winzip today!    (OR)    
Screenshot of Source Code
Coding Source - SELECT Statement, INSERT Statement, UPDATE Statement, DELETE Statement, in ASP using Parameter's, in the combat against SQL & XSS INJECTION
SQL Injection is a code that is submitted towards your input forms, in hopes of manipulating your database structure, and thus, allowing for the intruder (or) hacker, to gain access to your records, thus rendering your site useless.

XSS Injections is a JavaScript-based code, that does the same thing as above, however, this XSS Based Attacks if done right, will allow the attacker to plant vicious code on your site, that will affect your visitors, and or potentially make your site dangerous to all visitors.

The cool parts about this script are that it will show you how to use ASP Classic along with Parameterized Queries, to do all your database work.
You will learn the following, how toes.
(This method can be used in any database, not just the sample Access database, you will be able to use this procedure across nearly all data structures).

Insert data into your database.
Update the data records that are in your database.
Delete the records from your database
Select the records to display them to your visitors.

The entire script is completed marked up, so you will know everything that is happening within the code.

The zip file contains the following files.
ADOVBS.inc ' This is the code that is used for the Parameters.
cons.asp ' This is your database connection, and the SQL and XSS Injection Scripts to protect your code.
Q_24801116.asp ' This is the main page
Q_24801116.mdb ' This is your Sample access Database.
setRecords.asp ' This is the code behind, that does all the "Insert, Update, Delete" Statement.

Good Luck!

View Live Example«
Post to Facebook about: SELECT Statement, INSERT Statement, UPDATE Statement, DELETE Statement, in ASP using Parameter's, in the combat against SQL & XSS INJECTION