Re: Object required?

groupie wrote:

Quote:

[...] Thomas 'PointedEars' Lahn [...] wrote:
writeSessionCookie() contained in scripts/cookies.js included via the
`script' element is declared *client-side* as document.write() works only
client-side. Everything inside <% ... %> is executed *server-side*. IOW,
neither method is just not there when you call it. Hence the error message.

This is the second time you demonstrate a complete lack of understanding for
client-side and server-side scripting. You should finally learn the basics
and the basic difference between the two before you continue this
half-knowledged messing around.
[...]

Slowly learning...

Yes, indeed. I ask you *again* to trim your quotes.

Quote:

So I know now that ASP renders the page BEFORE Javascript.

Not quite. "ASP" "renders" the "page", including the execution of
the server-side script, before the client-side script is executed.

Quote:

In that case in the sample below, is it possible to use session cookie
values (read on client side) (email and pword) to select from a table
(server side sql) (the example uses Request() set in previous page:
looking to replace them with the variables).

ISTM you are trying password auto-fill, so it should be the other way
around. First the client makes the request, sending the Cookie header along
with it (a previous Set-Cookie or Set-Cookie2 header, or document.cookie
assignment would have set the cookie). You should then evaluate the header
value in order to generate the proper response body via ASP.

Be advised, though, that storing passwords as-is in session cookies is a bad
idea. Many user agents have built-in features to facilitate password form
auto-fill in which case the password is stored in the user profile using a
strong encoding instead.


PointedEars
--
realism: HTML 4.01 Strict
evangelism: XHTML 1.0 Strict
madness: XHTML 1.1 as application/xhtml+xml
-- Bjoern Hoehrmann

Quote:

You should then evaluate the header
value in order to generate the proper response body via ASP.

I'm not sure what you mean : I'm reading the values back to use in an
SQL statement (I accept the security implications for now). It's the
syntax of the IF and SQL statements I'm trying to code.

<script type="text/javascript">
var email = getCookieValue('email'); //already set in previous page
var pword = getCookieValue('pword'); //already set in previous page
</script>

<%
var strSql;
//if ((Request("email") != "") && (Request("pword") != "")) {
if ((%>email<% != "") && (%>pword<% != "")) {
strSql = "SELECT email, pword FROM logintable where email = '"
+ email +
"' and pword = '" + pword + "';";

// more code....
%>

On Feb 3, 4:52 pm, groupie <justforgro... (AT) gmail (DOT) com> wrote:

Quote:

You should then evaluate the header
value in order to generate the proper response body via ASP.

I'm not sure what you mean

He means that server-side processing instructions and client-side
Javascript statements are two completely different unrelated things.
From previous similar threads I know that this rather simple concept
is extremely hard to comprehend to many PHP and ASP developers: so I
will try to give some more explanations.

Server-side processing instructions - in your case all those <%...%>
thingies - being processed, as their name suggests, on the server
while preparing the page content to be sent to client. At this stage
client-side Javascript doesn't exist yet, because the page is not
parsed yet by browser.
After all server-side processing instructions being accomplished, the
final page content being sent to client. If the page contains
Javascript in it, if Javascript supported by browser, and if this
support is not turned off by user: then browser creates Global context
for your script and trying to execute it. On this stage server-side
processor doesn't exist anymore for Javascript - it is left long time
ago on the server.

P.S. I once was thinking of this puzzling catcha, because I met
several experienced and certified PHP/ASP coders but I had to explain
them this server-side vs. client-side concept nearly on fingers and
color cubes and balls before we could come to any result :-)
I guess the main gotcha is that in the source both kind of
instructions are oftenly staying together, so forcing into a fake
assumption "close on the screen - close in the life". Some may have a
better idea.



: I'm reading the values back to use in an

Quote:

SQL statement (I accept the security implications for now). It's the
syntax of the IF and SQL statements I'm trying to code.

script type="text/javascript"
var email = getCookieValue('email'); //already set in previous page
var pword = getCookieValue('pword'); //already set in previous page
/script

%
var strSql;
//if ((Request("email") != "") && (Request("pword") != "")) {
if ((%>email<% != "") && (%>pword<% != "")) {
strSql = "SELECT email, pword FROM logintable where email = '"
+ email +
"' and pword = '" + pword + "';";

// more code....
%

On Feb 3, 2:35*pm, VK <schools_r... (AT) yahoo (DOT) com> wrote:

Quote:

I guess the main gotcha is that in the source both kind of
instructions are oftenly staying together, so forcing into a fake
assumption "close on the screen - close in the life". Some may have a
better idea.

Ah Ok I see. Perhaps your reply could be put into the FAQ? It was very
succint.

If I understand what you're saying then, the (server-side) SQL
statement in the <% %> 'tags' below won't contain the values from the
variables, because the (client-side) <script></script> values haven't
been retrieved yet?

<script type="text/javascript">
var email = getCookieValue('email'); //already set in previous page
var pword = getCookieValue('pword'); //already set in previous page
</script>

<%
var strSql;
//if ((Request("email") != "") && (Request("pword") != "")) {
if ((%>email<% != "") && (%>pword<% != "")) {
strSql = "SELECT email, pword FROM logintable where email = '"
+ email + "' and pword = '" + pword + "';";

// more code....
%>

So is there a way of using values retrieved from a cookie in an SQL
statement then?

Stevo: Ok apologies. Flipped for a minute there </apology> :-)

On Feb 3, 7:11 pm, groupie <justforgro... (AT) gmail (DOT) com> wrote:

Quote:

I guess the main gotcha is that in the source both kind of
instructions are oftenly staying together, so forcing into a fake
assumption "close on the screen - close in the life". Some may have a
better idea.

Ah Ok I see. Perhaps your reply could be put into the FAQ?
It was very succinct.

I though once of a FAQ proposal but the thing is that no one is asking
about it in the way to make some general question. FAQ has "question-
answer" structure, and what question to use? "What is the difference
between server-side and client-side processing?" I never saw such
question on c.l.j. It is always has to be pulled out from OP in order
to help him/her from a completely different original question.

Quote:

If I understand what you're saying then, the (server-side) SQL
statement in the <% %> 'tags' below won't contain the values from the
variables, because the (client-side) <script></script> values haven't
been retrieved yet?

Right.

Quote:

So is there a way of using values retrieved from a cookie in an SQL
statement then?

Setting and reading cookie is not an exclusive privilege of
Javascript. Any server can do it (if accepted by client). If there are
cookies for given domain, they are being sent as part of request
header from client to server: no custom Javascript needed, it is done
by browser itself. So in your ASP block server-side you may check for
the presence of cookie and use them in any way you need them. If
cookies are not set yet, you can prepare and set them via the response
header from your server.

On Feb 3, 4:36*pm, VK <schools_r... (AT) yahoo (DOT) com> wrote:

Quote:

Setting and reading cookie is not an exclusive privilege of
Javascript. Any server can do it (if accepted by client). If there are
cookies for given domain, they are being sent as part of request
header from client to server: no custom Javascript needed, it is done
by browser itself. So in your ASP block server-side you may check for
the presence of cookie and use them in any way you need them. If
cookies are not set yet, you can prepare and set them via the response
header from your server.

Sorry I don't understand. How would I have to change the code posted
to use the cookie values? I've used Request("email") in the SQL which
works (the value is passed from previously SUBMITed page), however I
would like to know how to use the value from the cookie, that was set
in the previous page.

The cookie value is retrieved with the custom javascript function
getCookieValue() which has been included using <script type="text/
javascript" src = "scripts/cookies.js"></script>. Somewhere I need to
call this function, to get the cookie value, to pass into the SQL
statement.

I'm really beginning to hate javascript :-(

On Feb 3, 7:56 pm, groupie <justforgro... (AT) gmail (DOT) com> wrote:

Quote:

On Feb 3, 4:36 pm, VK <schools_r... (AT) yahoo (DOT) com> wrote:

Setting and reading cookie is not an exclusive privilege of
Javascript. Any server can do it (if accepted by client). If there are
cookies for given domain, they are being sent as part of request
header from client to server: no custom Javascript needed, it is done
by browser itself. So in your ASP block server-side you may check for
the presence of cookie and use them in any way you need them. If
cookies are not set yet, you can prepare and set them via the response
header from your server.

Sorry I don't understand. How would I have to change the code posted
to use the cookie values? I've used Request("email") in the SQL which
works (the value is passed from previously SUBMITed page), however I
would like to know how to use the value from the cookie, that was set
in the previous page.

The cookie value is retrieved with the custom javascript function
getCookieValue() which has been included using <script type="text/
javascript" src = "scripts/cookies.js"></script>. Somewhere I need to
call this function, to get the cookie value, to pass into the SQL
statement.

SQL statement is being executed server-side. At the moment of
executing server-side statements your program already has access to
cookie (if set). If not it can set them by issuing necessary headers
in the response. In ASP it is all handled by Request.Cookies and
Response.Cookies respectively. Client-side scripting is not needed. A
beginners-friendly explanation and samples can be found at
http://www.w3schools.com/asp/asp_cookies.asp

Quote:

I'm really beginning to hate javascript :-(
For what? For not being able to be executed client-side before

actually being served to client? With the same reason you may hate
your browser then for not being able to display a page before you
actually came to the necessary URL.