Hi all, Do you have any recommendation how to write an asp loop to list all the url (>200) from the MS SQL database and make them hyperlink with the title? Then normal hyperlink is <a href="http://www.home.com">Home</a>, but in asp programming I have difficult to response.write the quatation mark ", Example (I can only write in this way): Do until oRs.EOF Response.Write ("<b><a href='") & oRs.Fields("url") & ("'>") & oRs.Fields("title") & ("</a></b>") oRS.MoveNext Loop Example (Give me error if I write in this way): Do until oRs.EOF Response.Write ("<b><a href="") & oRs.Fields("url") & ("">") & oRs.Fields("title") & ("</a></b>") oRS.MoveNext Loop I do not want to add the quatation mark in url in MS SQL. Thanks.
Made my eyes go all funny all those quotes Right the problem seems to be your not escaping the double quote on the second one, so the parser thinks your closing the string, try this Response.Write ("<b><a href=" & chr(34) & oRs.Fields("url") & chr(34) & ">" & oRs.Fields("title") & "</a></b>") chr(34) will give you a double quote, and its slightly more readable than Response.Write ("<b><a href=""") & oRs.Fields("url") & (""">") & oRs.Fields("title") & ("</a></b>") Which has 3 double quotes, 2 to escape the double quote, then one to terminate that block of string. Haven't tried either of my solutions and they are off the top of my head so may need some tweaking but thats the problem your having. Jen
Thanks for your enlightenment, Jennip. It's a really useful info. Sorry for my ignorant as I just learn asp programming since last week.
Thats ok, its what we are here for to help each other. The whole double quote escaping thing can still confuse the hell out of me and I've been doing this for 15 years, thats why I always use CHR(34) if possible to make it very clear what I'm trying to do. Jen
Wow, 15 years! You are a very experienced programmer. Then may I know more about the database management? 1.) Can I set a password on a MS Access 2000 database file? If not, then is it safe to put a MS Access 2000 database file in my domain folder without setting a password? 2.) Any recommendation I can do to enhance the database security? I want to prevent some important data such as email list retrieved or read from the database by email-spammer. Thanks a lot. Meaning,
Firstly try and avoid using Access its not really that good for Internet facing systems or anything where multi user access is required, using SQL Server or even MySql is a far better option and will scale to a large number of users where Access on the whole wont. As for protecting it if you have to use Access, yes you can use a password this article here should give you most of the information Article link, as for protecting it, it rather depends on your web host, they may allow you to change security permissions so it cant be downloaded. Some basic things to do Don't call the database anything obvious Put the database in a sub directory with an odd name (Something that wont be guessed) Make sure any include files are .ASP not .INC, .INC can be downloaded and read. Encrypt data in the database Make sure the password of the database and any password protecting your hosting account is a strong password (IE not a common word, at least 8 characters and has upper and lower case characters, numbers and punctuation. Although since Access passwords are fairly easy to crack this wont stop many people very long. Try and hack yourself, use what you know to try and download the file, but make sure you do this on the system the application will be deployed on If your host gives you space that isnt part of your website (Most Linux hosters seem too), put your database there as it wont be able to be downloaded except by FTP Again moving away from Access to a server based database would increase the level of protection. Jen
Hi Morgana, could you please show some example? Thanks. Hi JenniP, thanks for the info. From your recommendation, I think I will split the database into two parts; non-sensitive data (url and title) in Access and sensitive data (email and password) in MS SQL. Because the MS SQL has file size limit of 200MB. Btw, will encrypting data in the database affect the asp file read and modify the data?