[thelist] 11th hour plea: ASP/Access snapshot hell

Tue May 8 08:39:52 CDT 2001

On May 08 07:16, "Luther, Ron" <Ron.Luther at COMPAQ.com> wrote:
>
> Subject: RE: [thelist] 11th hour plea: ASP/Access snapshot hell
>
> Hi "In",
> 
> 
> Got more details?

    Yes, most definately.  I just thought the wrox question was more straightforward than mine.  It described the fundamentals of what I need to do.

> How does an employee access the system?  By entering their id number?
> 
> Off the top it's sounding like a missing "where emp_id = 'xxxx'" in the
> select string.

Yes, the report has everything in the query except "Where EmpID=xxxx".  I don't have this included in my Access Report's SQL query because the "xxxx" varies with the Session("EmpID") variable.

In my case, a manager enters their name and password into an html form.  This is compared against (I hope) a security table in my database.  From here on out, the user's name and id number are passed along as session variables.  I'm using these to check if the user's session is expired or if they're trying to jump pages.  Then they'll be allowed to view their own evaluation or complete evaluations for people they supervise depending on flags in the database.  I have everything working on the employee evaluation side except filtering the snapshot which is generated on the fly.  Last night, I was trying to do something, anything, with DoCmd.OpenReport or DoCmd.CreateQueryDef statements but I was grasping at straws.

> Hmmmm ... how 'bout an html form that gathers employee name in a text box
> (you're also gonna need some kind of password and maybe ssn number check as
> well so they can't just enter any old person's name) ... and using that form
> variable in the ASP?

*laugh* If you only knew... I've been having very erratic and random errors/problems over the past few weeks.  I've had code suddenly stop working for a week then magically start working again after I told my boss I couldn't diagnose the problems.  [Some of that might be because I'm trying to write ASP pages to run on an NT box, but all I've been access to is a test Windows 2000 Professional machine.]  This thing is a patch job, but it just has to have basic functionality by tomorrow morning.

Actually, this pilot could go live without passwords.  The security would be through pure social engineering... since logging in under someone else's name would violate our code of conduct, we can trust that no one would do it.  I *really* want to get this working right so I don't have to repeat the above statement in public.  =)

By the way,  my ASP pages (vbscript) generate errors when I try to use single quotes mixed with double quotes in my SQL statements.  I don't know that it will parse the _ in a variable name correctly.  It seems to treat all _ as a line continuation.

> Trying to help,

Thanks so much!