SQL - Updating Empty Text Field is enterring -1

Ask a Question related to ASP Database, Design and Development.

  1. Aaron Bertrand - MVP #1

    Default Re: SQL - Updating Empty Text Field is enterring -1

    > "Update [Website Settings] set userid = '" & REquest.form("userid") &
    > "' and repid = '" & Request.form("repid") & "' where " & var1 & var2
    > & var3
    Response.write this to the screen, instead of executing it, and examine the
    result.


    Aaron Bertrand - MVP Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. #39134 [NEW]: PHP + FreeTDS 0.64 crashes when TEXT field with empty string encountered
      From: jr-phpbugs at cedric dot unob dot cz Operating system: linux (irrelevant) PHP version: 4.4.4 PHP Bug Type: MSSQL...
    2. Dynamic removal of text if field is empty using PHP
      I have a mySQL database which has some fields which may, or may not be empty. I wish to display them in the following way using PHP:- Result 1;...
    3. Radio btn makes text field equal value of different text field
      What I am trying to do is when someone clicks on the YES radio button I want the text field called MYTEXT to equal the text field named DATE. The...
    4. Updating a text field in SQL Server 2000
      I am trying to write some code that inserts or updates a text field in my SQL Server 2000 database. The SQL statement is created using a submit...
    5. Updating part of the text in an NTEXT field
      SQL Server Version - 7 Table - Pages Field - Content Hi, I need to update an ip address in an ntext field. I have looked at UPDATEXT, the...
  2. Erland Sommarskog #2

    Default Re: SQL - Updating Empty Text Field is enterring -1

    [posted and mailed, please reply in news]

    Scott Hoff (SHOFF@FIRSTHEARTLAND.COM) writes:
    > However, when I update the empty fields in this table it places a -1
    > into the field rather than the enterred value.
    >...
    > "Update [Website Settings] set userid = '" & REquest.form("userid") &
    > "' and repid = '" & Request.form("repid") & "' where " & var1 & var2
    > & var3
    If that is all that happens, consider yourself lucky. A malicious
    user could use the above for SQL intrusion, and SQL Server to execute
    commands you sure did not intend him to. For a starter, enter
    O'Brien in userid.

    --
    Erland Sommarskog, SQL Server MVP, [email]sommar@algonet.se[/email]

    Books Online for SQL Server SP3 at
    [url]http://www.microsoft.com/sql/techinfo/productdoc/2000/books.asp[/url]
    Erland Sommarskog Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139