• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Receiving text string via ASP

Sphexi

Sphexi

Diamond Member
I have a situation where I'm pulling a report from an API, and I have two options for a response:

1) The API builds a text file, and I can download/save it.
2) The API will display the text content to the browser directly.

I tried number 2 first as I figured it'd be really easy, I basically built my request string, submitted it using MSXML, and set the response to trnResponse. I expected the text to come back in that field, but nothing comes back in it.

My skills are pretty basic so I'm not sure how to be doing this, I could go the other route and try to save the file, but I have zero clue how to even start doing that.

Any suggestions?
 
Avoid "building" strings whenever possible. If ASP or MSXML supports it, use parameter binding, it removes a lot of headache from handling potentially bad/malicious input.

Also, never, ever, trust the user/user input. Assume that the user is a retarded monkey or expert hacker that has full access to your source code.
 
We need to know a lot more about the app architecture and the chain of events. If you're pulling the report from an API on the server-side (in response to a page request or form post) then you can format the results into something the browser can ingest and send it back in the HttpResponse. One way to do that would be an XSLT transform, but you could just do it manually (by writing the text between <pre> tags in the simplest case).

So a typical flow would be...

1. User enters report criteria into form and presses submit
2. ASP.NET posts the form data to the specified page script
3. Page script formats the criteria into a parameterized query or call to a stored proc, or an XML request to a service, whatever.
4. Response comes back and the page script formats it into HTML and returns it in the HttpResponse.
 
Cogman said:
Avoid "building" strings whenever possible. If ASP or MSXML supports it, use parameter binding, it removes a lot of headache from handling potentially bad/malicious input.

Also, never, ever, trust the user/user input. Assume that the user is a retarded monkey or expert hacker that has full access to your source code.
Click to expand...

No user input here, this would be an automated service that would be scheduled to run once a day.

Luckily I have access to the source code that handles the creation and sending of the file 🙂

Code: 
if SetNumeric(Request("rptNoFile")) = 1 then
'Display results to browser window (do not download file)
set f = fs.OpenTextFile( fileName & "_nonull", 1, false, -2 )
do while f.AtEndOfStream = false
Response.Write(f.ReadLine)
Response.Write(VBCrLf)
loop
f.close
set f = nothing

else
'Normal -- get the browser to request downloading the report
Set objUpload = Server.CreateObject("Persits.Upload.1")
Call objUpload.SendBinary (fileName, True, "application/octet-stream", True)
set objUpload = nothing
end if
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top