Created
February 13, 2021 14:53
-
-
Save stefanpejcic/b8cef97d5f75c2ca9499a92455bdca3c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<% | |
strDBConnection = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=bevnet_sa;Initial Catalog=xxxx;Data Source=localhost;Network Library=DBMSSOCN;uid=xxxx;password=xxxx" | |
Function connection_DBLookUpSP(strSQL) | |
Dim rsResults | |
Dim varResult | |
if InStr(strSQL, "EXEC(") Then | |
Response.END | |
End if | |
Dim ErrorMessage | |
Set rsResults = Server.CreateObject("ADODB.Recordset") | |
rsResults.Open strSQL, strDBConnection | |
If Not rsResults.EOF Then | |
varResult = rsResults(0) | |
Else | |
varResult = "" | |
End If | |
rsResults.Close | |
Set rsResults = Nothing | |
connection_DBLookUpSP = varResult | |
End Function | |
Function connection_DBLookUp(strColumnName, strTableName, strWhere) | |
Dim rsResults | |
Dim varResult | |
Dim strSQL | |
Dim ErrorMessage | |
if InStr(strWhere, "EXEC(") Then | |
Response.END | |
End if | |
if InStr(strColumnName, "EXEC(") Then | |
Response.END | |
End If | |
if InStr(strTableName, "EXEC(") Then | |
Response.END | |
End If | |
strSQL = "SELECT " & strColumnName | |
If Len(CStr(strTableName)) > 0 Then | |
strSQL = strSQL & " FROM " & strTableName | |
If Len(CStr(strWhere)) > 0 Then strSQL = strSQL & " WHERE " & strWhere | |
Set rsResults = Server.CreateObject("ADODB.Recordset") | |
rsResults.Open strSQL, strDBConnection | |
If Not rsResults.EOF Then | |
varResult = rsResults(0) | |
Else | |
varResult = "" | |
End If | |
rsResults.Close | |
Set rsResults = Nothing | |
connection_DBLookUp = varResult | |
Else | |
connection_DBLookUp = "" | |
End If | |
End Function | |
Function connection_GetRecordset(strSQL) | |
'this function returns a disconnected recordset | |
if InStr(strSQL, "EXEC(") Then | |
Response.END | |
End if | |
Dim objConn | |
Dim objRecordset | |
Dim strErrorDescription | |
'Open a connection | |
On Error Resume Next | |
Set objConn = Server.CreateObject("ADODB.Connection") | |
objConn.Open strDBConnection | |
If Err.number <> 0 then | |
Response.Write Err.Description | |
Response.END | |
End If | |
' On Error Resume Next | |
'Create the Recordset object | |
Set objRecordset = Server.CreateObject("ADODB.Recordset") | |
objRecordset.CursorLocation = 3 | |
'Populate the Recordset object with a SQL query | |
objRecordset.Open strSQL, objConn, 3, 4 | |
'Disconnect the Recordset | |
Set objRecordset.ActiveConnection = Nothing | |
'Return the Recordset | |
Set connection_GetRecordset = objRecordset | |
'Clean up... | |
objConn.Close | |
Set objConn = Nothing | |
If Err.number <> 0 then | |
Response.Write "OR HERE" & Err.Description | |
Response.END | |
'Call utility_displayError("Error executing query.", strErrorDescription & "<br><br>" & strSQL) | |
End If | |
End Function | |
Function connection_executeCommand(strSQL) | |
if InStr(strSQL, "EXEC(") Then | |
Response.END | |
End if | |
Dim objDBConn | |
Set objDBConn = Server.CreateObject("ADODB.Connection") | |
objDBConn.Open strDBConnection | |
objDBConn.Execute strSQL | |
objDBConn.Close | |
Set objDBConn = NOTHING | |
End Function | |
Function connection_createGuid() | |
Dim TypeLib, tg | |
Set TypeLib = Server.CreateObject("Scriptlet.TypeLib") | |
tg = TypeLib.Guid | |
connection_createGuid = Replace(Replace(Replace(left(tg, len(tg)-2),"-",""),"}",""),"{","") | |
Set TypeLib = Nothing | |
End Function | |
Function connection_SQLEncode(str) | |
If isNull(str) Then | |
str = "" | |
End If | |
Dim tmpEncodeStr | |
tmpEncodeStr = str | |
tmpEncodeStr = "'" & Replace (str, "'", "''" ) & "'" | |
connection_SQLEncode = tmpEncodeStr | |
End Function | |
%> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment