Hello,
I am using DreamWeaver 8.0.2 and coding in ASP/javascript.

If I pass this url:
www.tld.com/index.asp?id=3

my code to accept it looks like this...

<pre id=code><font face=courier size=2 id=code>
&lt;%
var rsContactInfo__MMColParam = "1";
if (String(Request.QueryString("id") != "undefined" &&
String(Request.QueryString("id") != "" {
rsContactInfo__MMColParam = String(Request.QueryString("id");
}
%&gt;

&lt;%
var rsContactInfo_cmd = Server.CreateObject ("ADODB.Command";
rsContactInfo_cmd.ActiveConnection = MM_ConnLNP_STRING;
rsContactInfo_cmd.CommandText = "SELECT CInfoRefID, CInfoOCN, CInfoName, CInfoPhone, CInfoEmail, Ocn.OCN_NAME FROM ContactInfo LEFT JOIN Ocn On ContactInfo.CInfoOCN = Ocn.OCN_NUMBER WHERE CInfoRefID = ?";
rsContactInfo_cmd.Prepared = true;
rsContactInfo_cmd.Parameters.Append(rsContactInfo_cmd.CreateParameter("param1", 5, 1, -1, rsContactInfo__MMColParam)); // adDouble

var rsContactInfo = rsContactInfo_cmd.Execute();
var rsContactInfo_numRows = 0;
%&gt;
</font id=code></pre id=code>

All works fine. According to Adobe technote, this rewrite makes my code safe from sql injection.
kb.adobe.com/selfservice/viewContent.do?externalId=581a553c&sliceId=2#insert

But if the user goes to this page and changes my url to:
www.tld.com/index.asp?id=3a

This new code will create an error on my page that says...

Error Type:
ADODB.Command (0x800A0D5D)
Application uses a value of the wrong type for the current operation.
/forms/PortInitNumbers.asp, line 49

I know the parameter says to look for a numeric value, but I dont want my page to bomb. Is there way to check and if it fails it does a redirect to an logout page? How do I code this properly?

Thanks in advance.

I just realized this maybe the wrong forum for my question. Mods if you feel it should be moved, can you do it for me?

Thanks again.

DW 8.0.2 | ASP | ACCESS