1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Comparing Results From 2 Different Arrays (checkboxes)

Discussion in 'C#' started by jhd1967, Jul 14, 2009.

0
  1. #1
    I have two arrays which are values for checkboxes and I need to compare them on the next page when they get submited, The first array I created which is the checkbox values that were selected previously:

    1st page: 

    <input type='checkbox' name="compare" value="131717"/>

  <input type='checkbox' name="compare"  value="131719"/>
    Code (markup):
    2page.asp?compare=131717&compare=131719

    i did try to use this script

    <% Dim Connection, Recordset
Dim sSQL, sConnString, iColumnSpan

sSQL="SELECT *  FROM news WHERE newsid IN (" & Replace( Request.QueryString("compare"), "'", "''") & ")"
sConnString="Provider=SQLOLEDB.1;......."

Set connection = Server.CreateObject("ADODB.Connection")
Set recordset = Server.CreateObject("ADODB.Recordset")

connection.Open sConnString

recordset.Open sSQL,connection
If Recordset.EOF Then
Response.Write("No records returned.")
Else

Response.write "<table width=""100%"" border=""1"">" %>
    Code (markup):
    But i am vulnerable to sql injection using this method.

    Any Help Thank you
     
    jhd1967, Jul 14, 2009 IP