Receiving text string via ASP

Sphexi

Diamond Member
Feb 22, 2005
7,280
0
0
I have a situation where I'm pulling a report from an API, and I have two options for a response:

1) The API builds a text file, and I can download/save it.
2) The API will display the text content to the browser directly.

I tried number 2 first as I figured it'd be really easy, I basically built my request string, submitted it using MSXML, and set the response to trnResponse. I expected the text to come back in that field, but nothing comes back in it.

My skills are pretty basic so I'm not sure how to be doing this, I could go the other route and try to save the file, but I have zero clue how to even start doing that.

Any suggestions?
 

Cogman

Lifer
Sep 19, 2000
10,286
147
106
Avoid "building" strings whenever possible. If ASP or MSXML supports it, use parameter binding, it removes a lot of headache from handling potentially bad/malicious input.

Also, never, ever, trust the user/user input. Assume that the user is a retarded monkey or expert hacker that has full access to your source code.
 

Markbnj

Elite Member <br>Moderator Emeritus
Moderator
Sep 16, 2005
15,682
14
81
www.markbetz.net
We need to know a lot more about the app architecture and the chain of events. If you're pulling the report from an API on the server-side (in response to a page request or form post) then you can format the results into something the browser can ingest and send it back in the HttpResponse. One way to do that would be an XSLT transform, but you could just do it manually (by writing the text between <pre> tags in the simplest case).

So a typical flow would be...

1. User enters report criteria into form and presses submit
2. ASP.NET posts the form data to the specified page script
3. Page script formats the criteria into a parameterized query or call to a stored proc, or an XML request to a service, whatever.
4. Response comes back and the page script formats it into HTML and returns it in the HttpResponse.
 

Sphexi

Diamond Member
Feb 22, 2005
7,280
0
0
Avoid "building" strings whenever possible. If ASP or MSXML supports it, use parameter binding, it removes a lot of headache from handling potentially bad/malicious input.

Also, never, ever, trust the user/user input. Assume that the user is a retarded monkey or expert hacker that has full access to your source code.

No user input here, this would be an automated service that would be scheduled to run once a day.

Luckily I have access to the source code that handles the creation and sending of the file :)

Code:
if SetNumeric(Request("rptNoFile")) = 1 then
'Display results to browser window (do not download file)
set f = fs.OpenTextFile( fileName & "_nonull", 1, false, -2 )
do while f.AtEndOfStream = false
Response.Write(f.ReadLine)
Response.Write(VBCrLf)
loop
f.close
set f = nothing

else
'Normal -- get the browser to request downloading the report
Set objUpload = Server.CreateObject("Persits.Upload.1")
Call objUpload.SendBinary (fileName, True, "application/octet-stream", True)
set objUpload = nothing
end if