While loop times out in ASP classic page

StackOverflow https://stackoverflow.com/questions/19540406

  •  01-07-2022
  •  | 
  •  

Question

My boss wrote this very intricate piece of software like 10 years ago and asked me to migrate it on a new IIS 7 server that I just set up on a VPS. I managed to get everything working smoothly except for a tiny loop that times out and sends the CPU to 100%.

Here's the culprit:

rs_ss.open  "SELECT DISTINCT idMC, idUtente, Categoria FROM forte01.RisorseS WHERE idmc=" & request.querystring("idmc") & " and idutente=" & session("idutente") &  " order by  categoria" ,conn 

if not rs_ss.eof then
     do while not rs_ss.eof

        'conta gli elementi della sottosezione
        rse.filter ="categoria='" & rs_ss("categoria") & "'"
        if not rse.eof then
            n=0
            do while not rse.eof        
                rse.movenext
                n=n+1
            loop
            rse.movefirst   
            r=1
            do while not rse.eof
                dettagliarisorse rse, "s_ss",r ,n
                r=r+1
                rse.movenext
            loop
        end if
        rse.filter =""
        rs_ss.movenext
     loop
end if
rs_ss.close

If I just delete or comment out the central part like so:

rs_ss.open  "SELECT DISTINCT idMC, idUtente, Categoria FROM forte01.RisorseS WHERE idmc=" & request.querystring("idmc") & " and idutente=" & session("idutente") &  " order by  categoria" ,conn 

if not rs_ss.eof then
 do while not rs_ss.eof
   rs_ss.movenext
 loop
end if
rs_ss.close

it keeps doing it.

On the old domain it works without a problem. Any ideas why?

Was it helpful?

Solution 2

The problem lied in the Sql Server user permissions. The user did not have access to that particular schema.

OTHER TIPS

It depends on the data being returned in that query at the top of your code. If it is returning a lot of rows, then this is taking a very slow route to counting rows. Rewrite the query to count the number of occurrences of categoria so that you are not doing it in code so you can drop that loop around n=n+1.

Also, that query at the top has a great big no-no! You are passing raw query string values directly into an inline SQL query. This is an example of code that is vulnerable to SQL injection attacks. The value passed via the query string "idmc" can be easily used as an entry point in a SQL injection attack. If this is a integer numeric, at least wrap this in a function that will not allow free form text to be passed to your inline SQL. i.e.

CInt(Trim(request.querystring("idmc")))
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top