Discuss "Basic SQL command inteface" in the ASP Code Samples forum.

dr_rock · #1 June 12th, 2008, 12:05 AM

For the times you dont have access to the database, this will allow you to build sql queries on the fly to retrieve schema information and perform other database functions.

WARNING!!! DO NOT LEAVE THIS FILE UNSECURED ON YOUR LIVE SITE!!!!!!

Code:

<!--#INCLUDE file="include/connection.asp"-->
<%
'#Include File		 	- include/connection.asp
'# > Function OpenDB()  - creates open ado connection named adoConn
'# > Function CloseDB() - destroys adoConn

strAction = Request("action")
strCommand = Request("command")
intRows = Request("rows")
Select Case strAction
	Case "command"
	
			If (Session("active")) and (strCommand <> "") Then
			
				call OpenDB()
				strUrl = Replace(strCommand, vbcrlf, " ")
				Set rs = adoConn.Execute(strUrl) 
				call CloseDB()

				response.redirect("sqltool.asp?message=SQL Command Successful!")
			End If
		
	Case "query"
	
		If (Session("active")) and (strCommand <> "") and (IsNumeric(intRows)) Then
		
			call OpenDB()
			strUrl = Replace(strCommand, vbcrlf, " ")
			Set rs = adoConn.Execute(strUrl) 
			strResults = ""
			Do Until rs.EOF
				intMaxRows = CLng(intRows)
				for x = 0 to intMaxRows-1
					strResults = strResults & rs(x) & " | "
				next
				strResults = strResults & vbcrlf
				rs.movenext
			Loop
			rs.close()
			set rs = Nothing
			call CloseDB()
			
		End If
	Case "letmein"
		Session("active") = True
		response.redirect("sqltool.asp?message=Hello There!")
	Case "bye"
		Session("active") = False
		response.redirect("sqltool.asp?message=Goodbye Now!")
End Select
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>SQL TOOL</title>
</head>
<body>
<%If NOT(Session("active")) Then%>
Access Denied! Bugger off!
<%Else%>
<form action="sqltool.asp" method="post" name="sqltool">
<table width="100%">
	<tr>
		<td valign="top">
			<textarea name="command" rows="4" cols="80"><%=strCommand%></textarea>
		</td>
	</tr>
</table>
<table width="100%">
	<tr>
		<td style="border : solid 2px #ACA899;">
		<input type="button" value="Select" style="width:100px;" onclick="document.sqltool.command.value='SELECT * FROM ___ WHERE ___ ORDER BY ___';document.sqltool.action[1].checked=true;" />
		<input type="button" value="Insert" style="width:100px;" onclick="document.sqltool.command.value='INSERT INTO () VALUES ()';document.sqltool.action[0].checked=true;" />
		<input type="button" value="Update" style="width:100px;" onclick="document.sqltool.command.value='UPDATE ___ SET ___ = ___ WHERE ___ = ___';document.sqltool.action[0].checked=true;" />
		<input type="button" value="Delete" style="width:100px;" onclick="document.sqltool.command.value='DELETE FROM ___ WHERE ___ = ___';document.sqltool.action[0].checked=true;" /><br />
		</td>
		<td style="border : solid 2px #ACA899;">
		<input type="button" value="Structure" style="width:100px;" onclick="document.sqltool.command.value='select table_name, column_name, ordinal_position, data_type from information_schema.columns order by 1,3';document.sqltool.action[1].checked=true;document.sqltool.rows.value=4;" />
		<input type="button" value="Add Table" style="width:100px;" onclick="document.sqltool.command.value='CREATE TABLE [dbo].[__] ([__] [bigint] IDENTITY (1, 1) NOT NULL ,	[__] [varchar] (50) COLLATE Latin1_General_CI_AS NULL ,	[__] [bit] NULL , [__] [varchar] (50) COLLATE Latin1_General_CI_AS NULL) ON [PRIMARY]';document.sqltool.action[0].checked=true;" />
		<input type="button" value="Hilight" style="width:100px;" onclick="document.sqltool.command.select();" />
		<input type="button" value="Clear" style="width:100px;" onclick="document.sqltool.command.value='';" />
		</td>
	<tr>
	</tr>
		<td colspan="2" style="border : solid 2px #ACA899;">
			<input type="radio" name="action" value="command" checked="checked" />Cmd&nbsp;
			<input type="radio" name="action" value="query" />
			Qry <input type="text" name="rows" value="<%=intRows%>" style="width:20px;" />cols&nbsp;
			<input type="submit" />
		</td>
	</tr>
</table>
<table width="100%">
	<tr>
		<td valign="top">
			<textarea name="response" rows="8" cols="80"><%If Request("message") <> "" Then Response.write(Request("message")&vbcrlf)%><%=strResults%></textarea>
		</td>
	</tr>
</table>
</form>
<%End If%>
</body>
</html>

BLaaaaaaaaaarche · #2 June 12th, 2008, 09:33 AM

Is this a question?

dr_rock · #3 June 12th, 2008, 07:25 PM

More a rehtorical statement

jmurrayhead · #4 June 16th, 2008, 08:54 AM

So basically this allows you to query the database from a web interface when you can't physically access the database?

dr_rock · #5 June 17th, 2008, 01:02 AM

Quote:

Originally Posted by jmurrayhead

So basically this allows you to query the database from a web interface when you can't physically access the database?

Yes and I have a couple of auto insert commands to make life easier, note that you must have the command radio checked for commands and the query radio set + number of fields for queries, its great for pulling out schemas.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Basic Questions	nboscaino	Microsoft Access	16	August 20th, 2008 03:18 PM
[Basic Tools] An intro to making complex databases using simple methods.	sbenj69	Access Database Samples	3	June 27th, 2008 12:09 AM
Command Buttons Coloring	alansidman	Microsoft Access	5	May 15th, 2008 03:57 PM
Wizard1 error The command 'MoveComplete' is not valid	peebman2000	.Net Development	10	April 28th, 2008 02:52 PM
Basic Login Script (using MS Acesss)	BLaaaaaaaaaarche	ASP Code Samples	0	March 24th, 2008 04:50 PM

Discuss "Basic SQL command inteface" in the ASP Code Samples forum.

ASP Code Samples - The ASP Code Samples forum contains sample code snips submitted by our members.