Submitted on: 1/2/2015 4:07:00 AM
By: Glenn Cook (from psc cd)  
Level: Not Given
User Rating: By 19 Users
Compatibility: ASP (Active Server Pages)
Views: 1209
     The FOOApp: A complete Classified Ads application showing how to use Active Server Pages' ADO database techniques, SQL techniques, cookies for "remembering", VBScript client-side field validation, and much more. FREE!

This article has accompanying files

The most common approach to teaching the fundamentals of any programming language is to start with theory, then the features, the basic concepts, some techniques, and finally, finishing with a glimpse of the guts of a real application. I, on the other hand, learn best by taking something functional and dissecting it into little lessons that expose the integration of those concepts, techniques, and features of the language. The undestanding of the interplay of these dissections is what seems most important to me in becoming a better programmer. This is the way I learn best, and this is also the approach I will use for teaching you some of the cool things you can quickly replicate on your own with Active Server Pages.

I designed the FooApp (Forum for Online Opportunities) to "show-off" how simple it is to build a self-maintaining database application with ASP. People set up their own passwords; maintain their own member profiles; they can add, edit, or delete, information they "own"; they can search etc. The application will run on any machine that supports active server pages and an Access database. Converting the application for use with SQL is a matter of pointing your datasource to an SQL server whose table names and fields are the same as those that exist in the Access dabase. This application is designed for beggining to intermediate ASP'ers who have at least perused the tutorials found elsewhere on the site. It is also good for advanced ASP'ers interested in learning a few tricks etc. but remember the application is not perfect. If you want to make any additions to the application for others to benefit from, please e-mail me.



1. If you download the source code all I ask is that you take five seconds out of your surfing schedule and visit at least one of our sponsors- it's an extremely fair trade don't you think? Now that we have that out of the way, just downloadthe complete application's source code! This is the exact source code that is running on DataReturn's server at the ASPAlliance. I am telling you this because I don't want anyone "testing" a childish prank on the application that many people will be counting on to help them learn. C'mon I am giving away the source-code for free- please don't abuse this opportunity!

2. The application will not run right "out-of-the-box." The first thing you want to do is delete all instances of "<!--#include virtual = /adshow.asp-->"(This is the banner rotator for the site) You will also have to set-up a DSN to point to the Access database that is included, and you will have to edit the cookie information properly. The DSN name is called "ClassyAds" and the information about how to edit your own cookie can be found here. If you don't know how to set up a DSN there is a brief explanation at the search tutorial. The application has been installed successfully on hundreds of machines now so if you are receiving errors, check for typos and editing problems.

3. Your frame of reference for these tutorials should be the the working example in the ASP Trenches. Try to mentally figure out how the application is doing this work before digging into the source code explanations. Visit the application several times and see how it remembers you? Try to search for your information several ways, and edit your profile. Important: Look at the asp page names in your browser as you interface with it. Also as you dig into the source code you will notice the unconventional variable names that I use- Simpsons characters. This is a way for me to keep laughing while I program. You should see the faces on management when I present them with the documented source code for the projects I've done for them. Now that's REAL funny!

4. Ok. Let's start the dissection process- Your fetal pig is waiting....Have Fun!



<%Response.Buffer = true %>


The <%Response.Buffer = True %> line is the way to tell ASP to execute the entire page before sending anything back to the client. Otherwise it will just start streaming stuff as it executes. You'll find that you need this quite often when Redirecting clients to different pages.


<!--#INCLUDE file=""-->

The "" file is a collection of VB constants that we can use for accessing a database via ADO. It's a header file that gives us tools to connect to a database, recordset, etc. and it also gives us little useful functions like RecordCount.

<% If Request.Cookies("Shaft").HasKeys Then


This line Requests the client's browser for the Shaft cookie! I use HasKeys to validate whether that cookie exists. If the person has the "Shaft" cookie then HasKeys will be equal to "true" and the next line will execute.

Response.Redirect "memberpage.asp"%>

Here's how you magically transport the user to a new page, and the reason why I set the Buffers to True. I didn't want to send any data to the client until I was sure that this was the page I was actually going to send to the client. Since the user already has the Shaft cookie, they've obviously already signed up as a member and I will redirect them to the Member Login page-"memberpage.asp". For kicks go ahead and take set the buffers property to False. Does that error code look familiar?


This is the starting point for users that have never visited the site before. They don't have the "Shaft" cookie- the HasKeys property was equal to "False"!


If "BadMutha" = Request("ActionType") Then








Response.Cookies("Shaft")("ContactName") = TheContactName

Response.Cookies("Shaft")("Company") = TheCompany

Response.Cookies("Shaft")("Password") = ThePassword

Response.Cookies("Shaft")("Email") = TheEmail

Response.Cookies("Shaft")("Status") = TheStatus

Response.Cookies("Shaft").Expires = #September 3, 1999#

Response.Cookies("Shaft").Domain = TheDomain

Response.Cookies("Shaft").Path = ThePath


This is where this page gets cool!
<In the voice of an Infomercial host.>
Not only does it check for an existing cookie, but it also posts its own form data to itself , collects the data, and writes the information onto the user's system in the form of a cookie! But wait there's more: It also writes that information to a database!

<End Infomercial Voice>

Notice that the first line checks to see if the person is posting any information to the page. It just simply Requests to see if there was a variable sent called ("ActionType") and if it is equal to a string called "BadMutha". If the statement is equal to true, then the page starts executing all of the cookie code you see in this block.

The first little paragraph Requests/extracts and collects the data that has been posted to it. Each variable is given a name that the page can use later on.

The second paragraph uses the Response object to stick each of those variables that it just collected into contents/Keys of a cookie I call "Shaft." The reponse object literally sends that cookie and its keys to the client's machine. (For an in-depth cookie tutorial please visit The Cheesy Cookie!!!


dim Status

dim Address


Status = Request("Status")

Session("Status") = Status

Address = Request("EMail")



Remember the if statement from the block above? Well it's still got work to do. This is where I start the process of creating a Member Profile in a database using ADO and SQL.

The first thing that I do is create a couple of variables:

The "Status" variable I use for sticking the information collected from the form about wheteher they are an "Employer" "Developer" etc. into the Session("Status") variable that was created in the global.asa file. Remember the global.asa file is where we can create variables to use across the entire time the user is visiting our site. Any other variables "die" as soon as the page is done executing.

The "Address" variable is what I will use to build my SQL statement. I collect the data by Requesting the individual's e-mail address from the posting form.

1 Set Conn = Server.CreateObject("ADODB.Connection")

2 Set NewCust = Server.CreateObject("ADODB.RecordSet")


3 Conn.Open "ClassyAds","sa",""

4 NewCust.Open "SELECT * FROM ASPLoginUserTbl WHERE  _

EMail = '" & Address & "'", Conn , adOpenKeyset , adLockOptimistic






Here's where we make a connection to the database, build an SQL statement and execute it!

  1. Create an ADODB connection object.
  2. Create a recordset object.
  3. Open a connection to the DSN called Classy ads. (The server must have a Data Source Name created in the control panel's ODBC icon.)
  4. SQL statement: where I basically say, SELECT everything FROM the ASPLoginUserTbl Table WHERE the Email field in that table is equal to the contents the Address variable. The other "Conn, AdOpenKeyset,.." things are properties of the statement's interaction with the database that you can read up on in Charles Carol's massive database tutorial pages!

*The most common mistake that I run into with database programming is an SQL statement typo. If any of the & "'", stuff is driving you nuts you need an SQL primer!

If NewCust.RecordCount = 0 Then



If Request("ContactName") <> "" Then

NewCust("ContactName") = Request("ContactName")

End If

If Request("Company") <> "" Then

NewCust("Company") = Request("Company")

End If

If Request("Email") <> "" Then

NewCust("Email") = Request("Email")

End If

If Request("Password") <> "" Then

NewCust("Password") = Request("Password")

End If

If Request("Status") <> "" Then

NewCust("Status") = Request("Status")

End If



Since the SQL statement has executed above, we can now see if the Recordset object we created, called "NewCust", has a RecordCount equal to 0. Logically, it should because we've already made the assumption that the individual has never been here before. Since we all know the evils of assumptions, this if statement covers our butt if the user has already filled out a member profile. So if our SQL query finds an e-mail address it will increment the record count by one. We should only have one member profile per E-mail address!

The second line executes if there is no other e-mail address in the table that matches. This line actually adds a new row to the table. Each line that follows actually inserts the information it Requests from the posted form into the individual fields in the access table.

*Again if the SQL statement references a field that doesn't exist in the table, ERROR!






Response.Redirect "memberpage.asp"

This little section of code just does some basic administrative work . It updates/saves the new row in the Recordset called NewCust. And since we're done with it we close it.

So at this point we&rsquo;ve written a cookie and stuck data into a database - now we want to direct them to the Member Login Page. If they have allowed us to use the "Shaft" cookie then their e-mail address and password are automatically extracted into the page- so they don't have to remember their password.


Response.Cookies("JonShaft").Expires = Date - 2

Response.Redirect "addresserr.htm"

End If



This little section basically references that if statement that checks to see if they have already entered a member profile before. If the RecordCount property equals anything other than "0" then this little section is executed.

All it does is "kill" the Shaft cookie we just wrote to the user's system by setting it&rsquo;s Expires property to two days ago. Then we send them to a little page that says something like, "That e-mail address is already in the system" or something to that effect.




<TITLE>New Member Login Screen</TITLE>



<form METHOD="POST" ACTION="<%=Request.ServerVariables("SCRIPT_NAME")%>" Name="MyForm">

<input type="hidden" name="ActionType" value="BadMutha"><p><font face="Verdana"

color="#408080"><big><strong>New Member Login</strong></big></font></p>

<p><small><font face="Verdana">Our site does not recognize you as an existing member. If you do not have an account yet please fill in your

personal information below to recieve your "member cookie". If you have somehow

lost or deleted your "member cookie" and you remember your user name and password, you may

proceed to the member login page.</font></small></p>

<table border="1" width="100%" bgcolor="#FFFFA2" style="border: 2px solid rgb(64,128,128)">


<td width="18%"><small><font face="Verdana">Contact Name(First&Last):</font></small></td>

<td width="82%"><small><font face="Verdana"><input type="text" name="ContactName" size="30"><font




<td width="18%"><small><font face="Verdana">Company:</font></small></td>

<td width="82%"><small><font face="Verdana"><input type="text" name="Company" size="30"><font




<td width="18%"><small><font face="Verdana">E-mail:</font></small></td>

<td width="82%"><small><font face="Verdana"><input type="text" name="EMail" size="30"><font




<td width="18%"><small><font face="Verdana">Password:</font></small></td>

<td width="82%"><small><font face="Verdana"><input type="password" name="Password"

size="10"><font color="#FF0000">*</font></small></td>



<td width="18%"><small><font face="Verdana">Verify Password:</font></small></td>

<td width="82%"><small><font face="Verdana"><input type="password" name="Password2"

size="10"><font color="#FF0000">*</font></small></td>



<td width="18%"><strong><small><font face="Verdana">Membership category(Select a profile for your account):</font></small></strong></td>

<td width="82%"><small><font face="Verdana"><select name="Status" size="1">

<option value="Employer">Employer</option>

<option value="Developer">Developer</option>

<option value="Graphic Designer">Graphic Designer</option>

<option value="Contracts">Contract(s) To Post</option>




<td width="100%" colspan="2"><div align="left"><p><small><font face="Verdana"><input

type="reset" value="Clear Form" id="reset1" name="reset1"> <input TYPE="submit"

VALUE="Submit Info!" id="submit1" name="submit1"></form>

<form METHOD="POST" ACTION="<%=Request.ServerVariables("SCRIPT_NAME")%>" Name="Form2"> <input TYPE="submit"

VALUE="Proceed to Login Screen" id="submit2" name="submit2"></form></font></small></td>



<p><font face="Verdana" color="#FF0000"><small><strong>* Required information for new

members. No information collected will be redistributed or used for spamming.</strong></small></font></p>



<%End If%>

<%End If%>


Remember that "If" statement from way-back-when that checked to see if the user was posting a form that had an ActionType equal to the string "BadMutha"? Well, this is the HTML for the form!

Please notice a couple things:

  1. Since I'm posting this form to this asp page I extract the pages name from itself by using the Request.ServerVariables object-Cool trick!
  2. I have a hidden input field called ActionType that I use for finding out if they are posting this form to this page-Cool Trick #2
  3. There is also a form that redirects the user to the login page. Just in case they don't have cookies enabled.

<% If Request.Form("submit2") = "Proceed to Login Screen" Then

Response.Redirect "memberpage.asp"

End If%>

This little section tests to see if the user has selected the "Proceed to login screen" button that I put there for people who don't want the cookie to remember their password information. It just Redirects them to the login page where they will need to provide their e-mail address and password information.

The remaining portion of this ASP page is some advanced client-side VBScript that does some cool input field validation. If you don't have the source-code for the FOOApp, you can download it at the top of this article. VBScript tutorials will come at a later date.

winzip iconDownload article

Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come out every day, so no prevention program can catch 100% of them. For your own safety, please:
  1. Re-scan downloaded files using your personal virus checker before using it.
  2. NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.

If you don't have a virus scanner, you can get one at many places on the net

Other 7 submission(s) by this author


Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this article (in the Not Given category)?
(The article with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)

Other User Comments

 There are no comments on this submission.

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular article, please click here instead.)

To post feedback, first please login.