Empty parameters in a asp .net (vb) page query string

  • Thread starter Thread starter Paul M.
  • Start date Start date
P

Paul M.

Hi,
I am trying to populate 3 paramters in an asp .net (vb) page redirect,
the first one is ok ok and gets populated by the other two get inserted into
the url for the redirect as empty strings! Anyone got any clues?? The code
is below and I have checked that the variables beginning with "g_str" are
all populated before the code is called. I think its something to do with
the "&" in the "&Title" and "&Version", do I need to do something to
those???

Cheers
Paul

Dim strVal_1 as string
Dim strVal_2 as string
Dim strVal_3 as string

strVal_1= "?SQL=" & g_strSQL
strVal_2= "&Title=" + g_strTitle
strVal_3= "&Version=" + g_strVersion

Response.Redirect("http://localhost/misc/frmEntry.aspx?Error=" & strVal_1 &
strVal_2 & strVal_3)
 
Paul...I'm not sure but when you step through it in the debugger, I'm
assuming all the assignement are done correctl ( ie strVal_1, strVal_2 and
strVal3)

Try this...

Dim sb as New System.Text.Stringbuilder
sb.Append("http://localhost/misc/frmEntry.aspx?Error=")
sb.Append("?SQL=" & strSQL)
sb.Append("&Title=" & g_strTitle)
sb.Append("&Version=" & g_strVersion)
'Put breakpoint here to make sure redirect is what you want in it's
entirety - in the command window ?sb.ToSTring

Response.Redirect(sb.ToSTring)

It looks like the + might be the cause of improper string concatenation. In
either case, even if you don't use a stringbuilder, just add on all
concatenations with the line continue character _ b/c as it stands now,
you're creating at a minimum 3 string objects when one would do. (This
isn't the problem you are referring to, but it's just a suggestion for
efficiency's sake.)

Let me know if the full query string is getting populated correctly and if
so, we'll try to narrow it down from there.

Good Luck,

Bill
 
Paul M. said:
Hi,
I am trying to populate 3 paramters in an asp .net (vb) page redirect,
the first one is ok ok and gets populated by the other two get inserted into
the url for the redirect as empty strings! Anyone got any clues?? The code
is below and I have checked that the variables beginning with "g_str" are
all populated before the code is called. I think its something to do with
the "&" in the "&Title" and "&Version", do I need to do something to
those???

Dim strVal_1 as string
Dim strVal_2 as string
Dim strVal_3 as string

strVal_1= "?SQL=" & g_strSQL
strVal_2= "&Title=" + g_strTitle
strVal_3= "&Version=" + g_strVersion

Response.Redirect("http://localhost/misc/frmEntry.aspx?Error=" & strVal_1 &
strVal_2 & strVal_3)
Consider the resulting url :
http://.../frmEntry.aspx?Error=?SQL={value of g_strsql}&Title={value of
g_strtitle}&Version={value of g_strVersion}
The ? (Question mark) is used to separate the script name (ie: aspx page)
and the parameters and as you can see there are two question marks, thus
your url is malformed and the risk of a partial interpretation is high.
I don't know what is the purpose of the Error parameter, either it contains
all error fields or it is useless:
http://.../frmEntry.aspx?Error=?{value of g_strsql};{value of
g_strtitle};{value of g_strVersion}
In this url there is only one parameter: Error, then you have to split its
value to get error details.
http://.../frmEntry.aspx?SQL={value of g_strsql}&Title={value of
g_strtitle}&Version={value of g_strVersion}
This url is well formed and you should get correct values for the SQL, Title
and Version parameters.

Final note: the Sql and even Title parameters may contain unwanted
characters like ? or & that will again disturb the parsing of the url, it is
strongly recommended to encode the values so that they fit into an url.

The final code should look like :
strVal_1= "?SQL=" & Server.UrlEncode(g_strSQL)
strVal_2= "&Title=" & Server.UrlEncode(g_strTitle)
strVal_3= "&Version=" & g_strVersion

Response.Redirect("http://localhost/misc/frmEntry.aspx=" & strVal_1 &
strVal_2 & strVal_3)

DK
 
You probably need to URLEncode the variables.

You can look that up in the help system.
 
Back
Top