
The problem: I have a search, and it works fine until the user makes a query that has no results. When that happens the drop down (which gets its options from SQL) stops working. I get the following instead:

<option label=' <font face="Arial" size=2>
<p>ADODB.Field</font> <font face="Arial" size=2>error '80020009'</font>
<p>
<font face="Arial" size=2>Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record.</font>
<p>
<font face="Arial" size=2>/junk/dbinstant.htm</font><font face="Arial" size=2>, line 0</font> 

When this happens it seems to cut off all code under it.

The code I believe is responsible is:

<%if request.querystring("abn") = "all" then 
response.write("")
else
response.write("<option label='")%><%=lcon("legal")%><%response.write("' value='")%><%=(src_abn)%><%response.write("' selected></option>")
end if %>

whole page:

<%@ LANGUAGE="VBSCRIPT" %>
<%
pagetitle="Contractor Details"
%>
<!--#INCLUDE VIRTUAL="/_lib/include/header.htm"-->
<!--#INCLUDE VIRTUAL="/_lib/include/menu.htm"-->
<script>
$(document).ready(function() {
    $("#abn,#cat").change(function () {
    this.form.submit();
})
});
</script>
<div class="twoColumnRow">
<div class="twoColumnContent">
<p class="breadCrm"><a href="/index.htm">Home</a> <span>&gt;</span> <a href="/tools/index.htm">Tools of the Trade</a> <span>&gt;</span> <a href="/tools/finance/index.htm">Finance and Purchasing</a><span>&gt;</span> <a href="/tools/finance/procurement/index.htm">Procurement and Contracts information</a></p>
<div class="contentPad">
<!-- Start of main content -->

<p class="imageRight">&nbsp;</p>
<h1><%=pagetitle%></h1>

<%
        Dim connectString, connect, conDB, sconDB, lDB, con, scon, lcon, src_abn, src_cat
        connectString = "Driver={Microsoft Text Driver (*.txt; *.csv)}; DBQ=" & Server.MapPath("data")
              src_abn = Request.QueryString("abn")
              src_cat = Request.QueryString("cat")
        set connect = Server.CreateObject("ADODB.connection")
        connect.open connectString

        if src_abn = "all" and src_cat = "all" then
        conDB = "SELECT * FROM cont.csv"
        lDB = "SELECT * FROM cont.csv"
        elseif src_abn = "all" then
        conDB = "SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes'"  
        lDB = "SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes'"    
        elseif src_cat = "all" then
        conDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+src_abn+"%')"   
        lDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+src_abn+"%')" 
        else 
        conDB = " SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes' AND ucase(abn) LIKE ucase('%"+src_abn+"%')"
        lDB = " SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes' AND ucase(abn) LIKE ucase('%"+src_abn+"%')"
        end if

        sconDB = "SELECT * FROM cont.csv"   

        set con = connect.execute(conDB)
        set scon = connect.execute(sconDB)
        set lcon = connect.execute(lDB)
%>
<h2>Search results</h2><hr />
<% if not con.BOF then %>
<div style="margin-top:1em">

  <form action="dbinstant.htm" method="get">

      <p>Company name:1<br/>
      <select id="abn" name="abn">
        <option label="All companies" value="all" <%if request.querystring("abn") = "all" then response.write("selected") %>></option>
        <%if request.querystring("abn") = "all" then 
        response.write("<option label='All companies' value='all' selected></option>")
        else
        response.write("<option label='")%><%=lcon("legal")%><%response.write("' value='")%><%=(src_abn)%><%response.write("' selected></option>")
        end if %>
        <% while (NOT scon.EOF) %>
        <option label="<%=scon("legal")%>" value="<%=scon("abn")%>" <%if scon("abn") = src_abn then 
        response.write("selected") 
        end if %>></option>
        <%scon.MoveNext()
                          Wend %>
      </select>
      </p>
     <p>Categories for Creative Design:<br/>
      <select id="cat" name="cat">
        <option class="group" label="All categories" value="all" <%if request.querystring("cat") = "all" then response.write("selected") %>></option>
        <option class="group" label="Strategic brand, marketing and communications advice" value="a" <%if request.querystring("cat") = "a" then response.write("selected") %>></option>
        <option class="group" label="Graphic design and layout" value="b" <%if request.querystring("cat") = "b" then response.write("selected") %>></option>
        <option class="group" label="Forms design" value="c" <%if request.querystring("cat") = "c" then response.write("selected") %>></option>
        <option class="group" label="Web design and development" value="d" <%if request.querystring("cat") = "d" then response.write("selected") %>></option>
        <option class="group" label="Authoring services" value="e" <%if request.querystring("cat") = "e" then response.write("selected") %>></option>
        <option class="group" label="Editorial services" value="f" <%if request.querystring("cat") = "f" then response.write("selected") %>></option>
        <option class="group" label="Translation services" value="g" <%if request.querystring("cat") = "g" then response.write("selected") %>></option>
        <option class="group" label="Photography and film services" value="h" <%if request.querystring("cat") = "h" then response.write("selected") %>></option>
        <option class="group" label="Scanning and digitisation services" value="i" <%if request.querystring("cat") = "i" then response.write("selected") %>></option>
        <option class="group" label="Multimedia editing services" value="j" <%if request.querystring("cat") = "j" then response.write("selected") %>></option>
      </select>
    </p>
    <input type="submit" value="Search" />
  </form>
  <br /><hr />

    <table style="font-size:.9em;" class="contentTable">
          <tr>
                <th>ABN:</th>
                <th>Company Name:</th>
          </tr>
  <% con.Movefirst() %>
  <% while (NOT con.EOF) %>
          <tr>
                <td width="120px"><%=con("abn")%></td>
                <td><a href="dbcomp.htm?abn=<%=con("abn")%>&cat=all"><%=con("legal")%></a></td>
          </tr>
  <%
    con.MoveNext()
    Wend
  %>
</table>

</div>
<% else %>
    <% scon.Movefirst() %>
  <form action="dbinstant.htm" method="get">

      <p>Company name:2<br/>
      <select id="abn" name="abn">
        <option label="All companies" value="all" <%if request.querystring("abn") = "all" then response.write("selected") %>></option>
        <%if request.querystring("abn") = "all" then 
        response.write("")
        else
        response.write("<option label='")%><%=lcon("legal")%><%response.write("' value='")%><%=(src_abn)%><%response.write("' selected></option>")
        end if %>

        <% while (NOT scon.EOF) %>
        <option label="<%=scon("legal")%>" value="<%=scon("abn")%>" <%if scon("abn") = src_abn then 
        response.write("selected") 
        end if %>></option>
        <%scon.MoveNext()
                          Wend %>
      </select>
      </p>
     <p>Categories for Creative Design:<br/>
      <select id="cat" name="cat">
        <option class="group" label="All categories" value="all" <%if request.querystring("cat") = "all" then response.write("selected") %>></option>
        <option class="group" label="Strategic brand, marketing and communications advice" value="a" <%if request.querystring("cat") = "a" then response.write("selected") %>></option>
        <option class="group" label="Graphic design and layout" value="b" <%if request.querystring("cat") = "b" then response.write("selected") %>></option>
        <option class="group" label="Forms design" value="c" <%if request.querystring("cat") = "c" then response.write("selected") %>></option>
        <option class="group" label="Web design and development" value="d" <%if request.querystring("cat") = "d" then response.write("selected") %>></option>
        <option class="group" label="Authoring services" value="e" <%if request.querystring("cat") = "e" then response.write("selected") %>></option>
        <option class="group" label="Editorial services" value="f" <%if request.querystring("cat") = "f" then response.write("selected") %>></option>
        <option class="group" label="Translation services" value="g" <%if request.querystring("cat") = "g" then response.write("selected") %>></option>
        <option class="group" label="Photography and film services" value="h" <%if request.querystring("cat") = "h" then response.write("selected") %>></option>
        <option class="group" label="Scanning and digitisation services" value="i" <%if request.querystring("cat") = "i" then response.write("selected") %>></option>
        <option class="group" label="Multimedia editing services" value="j" <%if request.querystring("cat") = "j" then response.write("selected") %>></option>
      </select>
    </p>
    <input type="submit" value="Search" />
  </form>
  <br /><hr />
<p>No records match your query.</p>
<p><a href="dbtest.htm">Return to search page</a></p>
<%
  end if
  con.close
%>


<!-- End of main content -->
</div> <!-- end contentPad div -->
</div> <!-- end twocolumncontent div -->
<div class="twoColumnLinks">

<!--<div class="relatedLinks">
<h3>Related Links</h3>
<ul>
<li><a href="/index.htm">Related link 1</a></li>
</ul>
</div>--> <!-- end relatedlinks div -->
<!--#INCLUDE VIRTUAL="/_lib/include/quicklinks.htm"-->
<!--#INCLUDE VIRTUAL="/_lib/include/mylinks.htm"-->
</div> <!-- end twocolumnlinks div -->
</div> <!-- end twocolumnrow div -->
<!--#INCLUDE VIRTUAL="/_lib/include/footer.htm"-->

1 Answer

Try changing con.BOF to con.EOF.

Besides that, your code has a severe SQL Injection vulnerability in it. I hope you are aware of that :-)

For example, you'd want to change things like this

conDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+src_abn+"%')"

into that

conDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+ Replace(src_abn, "'", "''") + "%')"

Start with these:

  1. Classic ASP SQL Injection Protection
  2. Preventing SQL Injections in ASP
  3. Filtering SQL injection from Classic ASP
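Added example, not code from the question or the answer above: a rewrite of the page's query-building block that addresses both points on this page, the "Either BOF or EOF is True" error (raised when a field such as `lcon("legal")` is read from a recordset that has no rows) and the string-concatenated SQL. It assumes the same Text-driver connection string, the same `cont.csv` columns (`abn`, `legal`, and category columns `a` to `j`) and the same `abn`/`cat` querystring names as the page. Whether the Microsoft Text ODBC driver accepts `?` parameter markers through `ADODB.Command` is an assumption to verify against your driver version; the allow-list for `cat` is needed regardless, because that value is used as a column name and cannot be bound as a parameter (and `Replace(..., "'", "''")` does nothing for an unquoted identifier).

```vbscript
<%
' Added example (not the page's own code). Assumes the page's data layout and
' querystring names; "?" parameter support in the Text driver is an assumption.

' The category value is spliced in as a COLUMN NAME, so it cannot be a bound
' parameter. Accept only the values the form itself offers.
Function IsAllowedCat(value)
    Dim c
    IsAllowedCat = False
    For Each c In Array("all", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j")
        If value = c Then IsAllowedCat = True
    Next
End Function

Dim src_abn, src_cat, sql, connect, cmd, con
src_abn = Request.QueryString("abn")
src_cat = Request.QueryString("cat")
If Not IsAllowedCat(src_cat) Then src_cat = "all"

Set connect = Server.CreateObject("ADODB.Connection")
connect.Open "Driver={Microsoft Text Driver (*.txt; *.csv)}; DBQ=" & Server.MapPath("data")

' ADODB.Command with an input parameter instead of concatenating src_abn into
' the SQL text. Constants: 1 = adCmdText, 200 = adVarChar, 1 = adParamInput.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = connect
cmd.CommandType = 1

sql = "SELECT * FROM cont.csv WHERE 1=1"
If src_cat <> "all" Then
    sql = sql & " AND " & src_cat & " = 'Yes'"   ' src_cat validated by IsAllowedCat above
End If
If src_abn <> "all" Then
    sql = sql & " AND UCASE(abn) LIKE ?"
    cmd.Parameters.Append cmd.CreateParameter("abn", 200, 1, 255, "%" & UCase(src_abn) & "%")
End If
cmd.CommandText = sql
Set con = cmd.Execute

' A recordset with no rows reports EOF = True (and BOF = True) straight away.
' Test EOF before touching any field; reading con("legal") here on an empty
' recordset is exactly what produces ADODB.Field error 80020009.
If con.EOF Then
    Response.Write "<p>No records match your query.</p>"
Else
    Do Until con.EOF
        ' HTMLEncode the values before writing them back into the page.
        Response.Write "<p>" & Server.HTMLEncode(con("abn")) & " " & _
                       Server.HTMLEncode(con("legal")) & "</p>"
        con.MoveNext
    Loop
End If

con.Close
connect.Close
%>
```

The same `If con.EOF` guard belongs in front of the `lcon("legal")` read that builds the pre-selected `<option>` on the page: when the filtered query returns nothing, fall back to the "All companies" option instead of reading a field. `Server.HTMLEncode` on `src_abn` and the CSV fields is a separate hardening step from the SQL change; the page currently writes `src_abn` straight into an attribute value.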

2 Comments

Ofer Zelig is right. You need to at least screen the passed querystring.
How would SQL injection be used there? (Always wanted to learn how to protect from that, would you recommend any books?)
