To read the article online, visit http://www.4GuysFromRolla.com/webtech/032399-1.shtml

Messaging in ASP, Part 2


Article Continued From: [Messaging in ASP, Part 1]

Ok. I'm going to assume here that you already read my previous lesson, which introduced you to how I setup the database, and how to display the page that shows people if they have any new messages. Next, comes the ViewMessage routine. This has to be the simplest of the whole messaging series, because it involves just a few hits on the database. So now to the code, and the explanation.

<%
If IsNull(Session("DHSID")) or Session("DHSID")="" Then
      Response.Redirect "students_only.asp"
End If

MIDE=Request.QueryString("MID")
If IsNull(MIDE) or MIDE="" Then
      Response.Redirect "view.asp"
End If
%>
<html>

This code is very simple. First, it checks whether or not the user has any continuing session variables. If not, it redirects them to the logon page. Then, it checks if there is a ?MID= on the URL. This is important, because when dealing with individual messages, you always need to have the identifer. I just used this to be what defines the message.

[ code from above ]
<h2 align="center">
      Welcome to the View Message section
</h2>

<%
      set conntemp = Server.CreateObject("ADODB.Connection")
      strSource = "DRIVER=Microsoft Access Driver " & _
            (*.mdb);UID=admin;FIL=MS Access;DBQ=" & _
            Server.MapPath("myDatabase.mdb")
      conntemp.open strSource
      strExec="Select * From SentMessages " & _
            "WHERE MessageID=" & MIDE & " AND TO=" & _
            Session("DHSID")
      set rstemp=conntemp.execute(strExec)
%>

This code is the code that actually connects to the database. After using a DSNless connection, I continue with setting the SQL statement. Explanation of it - "Get all the messages whose MessageID is equal to the MID value that was passed on the page AND are addressed to the current user". The importance of this is that I included the AND TO= to make sure that a user was not just changing the MID on the top so they could view other peoples' messages. When dealing with ASP, expect people to be inherently bad, and find ways to circumvent them.

[ code from above ]
<% If NOT rstemp.EOF Then %>

This code just makes sure that there actually is a message to the message to display.

[code from above]
<p>Date: <font color="#660000">
<%=rsTemp("DATE")%></font></p>
<p>To: <font color="#660000">
<%=Session("StudentName")%gt;</font></p>

<% set conntemp2 = Server.CreateObject("ADODB.Connection")
strSource2 = "DRIVER=Microsoft Access Driver " & _
      "(*.mdb);UID=admin;FIL=MS Access;DBQ=" & _
      Server.MapPath("myDatabase.mdb")
conntemp2.open strSource2
strExec2="Select * From Students WHERE DHSID=" & _
      rsTemp("From")
set rstemp2=conntemp2.execute(strExec2)
%>

<p>From: <font color="#660000">
<%=rsTemp2("StudentName")%></font></p>

This code is like the code on the other page. After displaying the date of when the message was sent and the name of the logged on student (because we know if they are this far, their ID is the same as who the message is to), it cross links itself to the "Students" table (which could be "users" or "cows" or whatever you feel like for holding intranet user information). It gets their logon information, namely their name, and then puts in the From field, instead of putting the ID of the user it was from. I hope that made sense. If not, read it again.

[ code from above ]
<p>
Subject: <font color="#660000">
      <%=rsTEMP("Subject")>
</font></p>
   <form>
      <table border="0">
         <tr>             <td>Message:</td>
            <td><textarea rows="9" name="Message" cols="72">
               <%=rsTemp("Message")%>
            </textarea></td>
         </tr>
      </table>

This code just creates a dummy form with no action and displays the message in a TextArea (multiline textbox).

[ code from above ]
<INPUT type="BUTTON" name="Back" value="Click here to return" onClick="history.back">
   </form>

This code just creates a nice little back button. Finally,

[ code from above ]
<% Else %>

Finally! The code to check if there actually is NO message (rsTemp is at the end of fields)

[ code from above ]
<font color="#660000">
Error! The message could not be found. Sorry! =(</font>
<% End If %>

Display a nice little error message, and continue on.

[ code from above ]
<%
strExec="UPDATE SentMessages SET "
strExec=strExec& "READ=1 AND IsNew=0 WHERE MessageID=" & MIDE
conntemp.Execute(strExec)
%>

This code just updates the database and sets the message as no longer new, so that it won't be displayed on the messages.asp page (that is, the new message page). And then, what you have all been waiting for,

[ code from above ]
</html> <%
rstemp.Close
ConnTemp.Close
rsTemp2.Close
ConnTemp2.close
%>

The code that closes out the web page (client side version, at least), and closes all open databases.

Well, I hope this little tutorial has been helpful in understanding how to show messages. I wrote this from HotMail, and just copy/pasted my code from my ASP, but it might have got mangled in the transition, so I cannot assure you that it is 100% working. Oh well.

God Bless and Happy Coding!

Article Continued On: [Messaging in ASP, Part 3]


Article Information
Article Title: Messaging in ASP, Part 2
Article Author: Ryan S.
Published Date: Tuesday, March 23, 1999
Article URL: http://www.4GuysFromRolla.com/webtech/032399-1.shtml


Copyright 2017 QuinStreet Inc. All Rights Reserved.
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers