Webmaster-Talk.com > Coding Talk > JavaScript Forum > How to Execute a SQL Server's Stored Procdure from Javascript(JS)

Reply
How to Execute a SQL Server's Stored Procdure from Javascript(JS)
Old 03-18-2008, 05:53 AM How to Execute a SQL Server's Stored Procdure from Javascript(JS)
Novice Talker

Posts: 10
Name: Muhammad Abrar
Talkupation: AbrarNazeer is on a distinguished road
How to get a scalar value output by Executing a SQL Server's Stored
Procdure from Javascript(JS) file.
Although there are some examples on internet with Server object i.e
Server.CreateObject("ADODB.connection")
but i m seeing the error "Server is undefined".
If i put this code on a web page (e.g aspx - asp.net 2.0 ) then it will work
fine. But my requirement is to Execute this code from JS file.
(
JS file is called by an HTML page via a Script tag.
<script type="text/javascript" src="myFile.js"></script>
)
AbrarNazeer is offline
Reply With Quote
View Public Profile
 
When You Register, These Ads Go Away!
     
Old 03-18-2008, 08:14 AM Re: How to Execute a SQL Server's Stored Procdure from Javascript(JS)
chrishirst's Avatar
Super Moderator

Posts: 12,819
Location: Blackpool. UK
Talkupation: chrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond reputechrishirst has a reputation beyond repute
javascript cannot "talk" directly to a SQL server
__________________
Chris. ->> Links are advertising NOT optimising!! <<-
Indifference will be the downfall of mankind, but who cares?
Code Samples | People Counting System
chrishirst is online now
Reply With Quote
View Public Profile Visit chrishirst's homepage!
 
Old 03-18-2008, 11:03 AM Re: How to Execute a SQL Server's Stored Procdure from Javascript(JS)
ADAM Web Design's Avatar
Canadastaninianite

Latest Blog Post:
A Strange Forum Policy: The Boutique Board
Posts: 5,945
Name: Adam for web page design, not program
Location: Toronto, Ontario, Canada
Talkupation: ADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond reputeADAM Web Design has a reputation beyond repute
No, it cannot for security reasons. Javascript code is client-side, which means anyone can read it...including any parts related to connection to the database.

This could be done in AJAX, but not Javascript. How you do it depends on your setup, there are about a million answers, and you're not going to get one in this thread for what you're doing.

This, however, leads to a deeper problem...you seem to be overtrained in knowledge and undertrained in application and critical thinking. You need to do some studying up on what different languages can do and how they're to be used.
ADAM Web Design is offline
Reply With Quote
View Public Profile Visit ADAM Web Design's homepage!
 
Old 03-18-2008, 01:37 PM Re: How to Execute a SQL Server's Stored Procdure from Javascript(JS)
Learning Newbie's Avatar
Moderator

Latest Blog Post:
What’s He Looking At?
Posts: 4,986
Name: John Alexander
Talkupation: Learning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond reputeLearning Newbie has a reputation beyond repute
Scalar = 1 value, something that can fit into a variable that isn't a collection or an array. You can get the return value to javascript using a hidden input form field.

You can build an ASPX page that the javascript calls, and have that page execute your procedure and put the results in a hidden field.

Your database server shouldn't be reachable from just any random person's computer who's looking at your page. Forget SQL Injection - that only happens when a person can guess how your application works, and give just hte right input to trick it into running a query they want run. Imagine the fun that comes when people can just send any query they like directly, using javascript. Think

DECLARE @SQL VARCHAR(MAX)
SELECT @SQL = 'TRUNCATE TABLE ' + NAME FROM SYS.TABLES
EXEC (@SQL)

Bye bye all the data in your database.

Why would you ever want to let people talk directly to your SQL Server themselves?
__________________
4 ways to improve the lives of the "bottom billion"

"HEY YOU KIDS GET OFF MY LAWN!" -John McCain
Learning Newbie is offline
Reply With Quote
View Public Profile
 
Reply     « Reply to How to Execute a SQL Server's Stored Procdure from Javascript(JS)
 
Previous Thread | Next Thread Webmaster-Talk.com > Coding Talk > JavaScript Forum > How to Execute a SQL Server's Stored Procdure from Javascript(JS)

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Webmaster Resources Marketplace:
Software Development Company | Webhosting.UK.com
Web Templates | Text Link Brokers | Stock Photos


   
RSS Feed  Feeds: RSS   JS   XML
RSS Feed  Feeds for this forum: RSS   JS   XML

 


Page generated in 0.13222 seconds with 13 queries