RhumhppiSo
New Member
I am using parameterised query for inserting the data in aspx page with classic asp.Below is my code : \[code\]cmd = Server.CreateObject("ADODB.Command")cmd.CommandText = "insert into Sponsor_Inputs (sponsor,Spon_Username,Spon_PASSWORD,Spon_First_Name,Spon_Last_Name,Spon_Co_Name,Spon_E_Mail, Spon_Phone,Spon_TOU,Remote_Computer_Name,Browser_Type, unsub_notif,Spon_CurrentMsg_NL,Spon_Pic_NL,Spon_Web_NL,Spon_Email_NL, Spon_YourName_NL,Spon_Phone_NL,Spon_Email,Spon_PhoneBan,Spon_Logo,Spon_YourName, Spon_Pic,featurestring,spon_fr_alias,spon_em_addr,spon_sub_line,spon_add_msg, spon_add_msg2,Spon_Current_Msg,newsletter_template) values (@sponsor ,@Spon_Username ,@Spon_PASSWORD ,@Spon_First_Name ,@Spon_Last_Name ,@Spon_Co_Name ,@Spon_E_Mail ,@Spon_Phone ,@Spon_TOU ,@Remote_Computer_Name ,@Browser_Type ,@unsub_notif ,@Spon_CurrentMsg_NL ,@Spon_Pic_NL ,@Spon_Web_NL ,@Spon_Email_NL ,@Spon_YourName_NL ,@Spon_Phone_NL ,@Spon_Email ,@Spon_PhoneBan ,@Spon_Logo ,@Spon_YourName ,@Spon_Pic ,@featurestring ,@spon_fr_alias ,@spon_em_addr ,@spon_sub_line ,@spon_add_msg ,@spon_add_msg2 ,@Spon_Current_Msg , @newsletter_template )"cmd.CommandType = CommandType.Text cmd.Parameters.Append(cmd.CreateParameter("@sponsor", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, sponsor))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Username", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Username))cmd.Parameters.Append(cmd.CreateParameter("@Spon_PASSWORD", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_PASSWORD))cmd.Parameters.Append(cmd.CreateParameter("@Spon_First_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_First_Name))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Last_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_Last_Name))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Co_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 300, Spon_Co_Name))cmd.Parameters.Append(cmd.CreateParameter("@Spon_E_Mail", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_E_Mail))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Phone", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Phone))cmd.Parameters.Append(cmd.CreateParameter("@Spon_TOU", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_TOU))cmd.Parameters.Append(cmd.CreateParameter("@Remote_Computer_Name", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Remote_Computer_Name))cmd.Parameters.Append(cmd.CreateParameter("@Browser_Type", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Browser_Type))cmd.Parameters.Append(cmd.CreateParameter("@unsub_notif", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, unsub_notif))cmd.Parameters.Append(cmd.CreateParameter("@Spon_CurrentMsg_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_CurrentMsg_NL))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Pic_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Pic_NL))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Web_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 250, Spon_Web_NL))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Email_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_Email_NL))cmd.Parameters.Append(cmd.CreateParameter("@Spon_YourName_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 300, Spon_YourName_NL))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Phone_NL", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Phone_NL))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Email", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, Spon_Email))cmd.Parameters.Append(cmd.CreateParameter("@Spon_PhoneBan", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_PhoneBan))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Logo", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Logo))cmd.Parameters.Append(cmd.CreateParameter("@Spon_YourName", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, Spon_YourName))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Pic", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Pic))cmd.Parameters.Append(cmd.CreateParameter("@featurestring", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , featurestring))cmd.Parameters.Append(cmd.CreateParameter("@spon_fr_alias", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, spon_fr_alias))cmd.Parameters.Append(cmd.CreateParameter("@spon_em_addr", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 150, spon_em_addr))cmd.Parameters.Append(cmd.CreateParameter("@spon_sub_line", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , spon_sub_line))cmd.Parameters.Append(cmd.CreateParameter("@spon_add_msg", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, spon_add_msg))cmd.Parameters.Append(cmd.CreateParameter("@spon_add_msg2", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , spon_add_msg2))cmd.Parameters.Append(cmd.CreateParameter("@Spon_Current_Msg", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, , Spon_Current_Msg))cmd.Parameters.Append(cmd.CreateParameter("@newsletter_template", System.Data.SqlDbType.NChar, System.Data.ParameterDirection.Input, 1, newsletter_template))rs = Server.CreateObject("ADODB.Recordset")rs = cmd.Execute\[/code\]Using above code i am getting below error : Arguments are of the wrong type, are out of acceptable range, or are in conflict with one another.\[code\]Description: An unhandled exception occurred during the execution of the current web request.Please review the stack trace for more information about the error and where it originated in the code. \[/code\]Exception Details: \[code\]System.Runtime.InteropServices.COMException: Arguments are of the wrong type, are out of acceptable range, or are in conflict with one another.\[/code\]Source Error: \[code\]Line 858: Line 859: Line 860: cmd.Parameters.Append(cmd.CreateParameter("@sponsor", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 200, sponsor))Line 861: cmd.Parameters.Append(cmd.CreateParameter("@Spon_Username", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_Username))Line 862: cmd.Parameters.Append(cmd.CreateParameter("@Spon_PASSWORD", System.Data.SqlDbType.VarChar, System.Data.ParameterDirection.Input, 50, Spon_PASSWORD))\[/code\]What's wrong in it ?I used the syntax from here : How do I run a parameterized SQL query in classic ASP? And is it secure?Thanks in advance.