HTML Application - Can Javascript write to a local database?

[Mike Preston]

IE 6.0 (not interested in other browsers at the moment)

I have looked everywhere I can find to look and googled until I am
cross-eyed and am hoping somebody knows what I'm doing wrong.

I have an HTML application (.hta) working fine, except one thing. I'm
trying to write to a local database from a .htm window (opened from
the main .hta window) and it doesn't work with any of the combinations
I've tried (and I admit to having tried a lot).

Here is one method I've tried:

strSQL = "Update myTable SET myField = 'myValue' WHERE myID = 12;"
var db = new ActiveXObject("ADODB.Connection");
db.Provider = "Microsoft.Jet.OLEDB.4.0";0
db.ConnectionString = "Data Source='c:\\myDirectory\\myDatabase.mdb'";
db.Open;
db.execute(strSQL);

I can easily access the information in the myDatabase.mdb and display
it on the screen.

I can ask for updated information to be input on the screen.

But stuffing that updated information back into the database is the
problem.

Since I'm stuck in an .htm window, I don't have VBScript available, do
I? If VBScript isn't available and it isn't physically possible with
Javascript, then I'll have to revert to .hta windows, where I know I
have VBScript available. But I'd rather do it all in Javascript
within the .htm so as to avoid the security message that pops up when
the .hta opens a new .hta. For various reasons I don't think it is
possible for me to do this whole project within a single .hta.

Thanks

mike

 

[Mike Preston]

In case this isn't the right newsgroup, could somebody suggest one
that might be a better place to post this?

Thanks

mike

 

[MikeB]

In case this isn't the right newsgroup, could somebody suggest one
that might be a better place to post this?

I think you can ask in this NG. The first thing that leaps to mind is why the window that is opened by
the hta is not also an hta instead of htm.

 

[Mike Preston]

Thanks for the reply, MikeB. See below for response.

I think you can ask in this NG. The first thing that leaps to mind is why the window that is opened by
the hta is not also an hta instead of htm.

"But I'd rather do it all in Javascript within the .htm so as to avoid
the security message that pops up when the .hta opens a new .hta."

I can open the second window as an .hta, but if I do that, I get a
security message about downloading dangerous files, etc. Kind of a
strange message for something that never goes outside the PC itself.

mike

 

[Brian Genisio]

Thanks for the reply, MikeB. See below for response.




"But I'd rather do it all in Javascript within the .htm so as to avoid
the security message that pops up when the .hta opens a new .hta."

I can open the second window as an .hta, but if I do that, I get a
security message about downloading dangerous files, etc. Kind of a
strange message for something that never goes outside the PC itself.

mike

I think you should be looking if there is a way to get rid of the
message (I dont know if it is possible). One of the things that HTA
gives you is the lax security setup. This is precisesly why you can do
something like connect to a database. In a plain HTML page, there is no
way (that I know of) to connect to a local database. That is a security
issue, and the browser says no.

Brian

 

[MikeB]

Thanks for the reply, MikeB. See below for response.



"But I'd rather do it all in Javascript within the .htm so as to avoid
the security message that pops up when the .hta opens a new .hta."

I can open the second window as an .hta, but if I do that, I get a
security message about downloading dangerous files, etc. Kind of a
strange message for something that never goes outside the PC itself.

Mike,
It's been awhile, but If you use a frameset, you can have the *.htm in a frame hosted by the original
HTA operate in the security context of the originating HTA, IOW you can access the filesystem, create
activex, etc without the security bitch.

Mike

 

[Mike Preston]

On Mon, 03 May 2004 15:41:43 -0400, Brian Genisio

Brian, thanks for taking the time to respond. See below.

I think you should be looking if there is a way to get rid of the
message (I dont know if it is possible).

I don't believe there is.

One of the things that HTA
gives you is the lax security setup. This is precisesly why you can do
something like connect to a database. In a plain HTML page, there is no
way (that I know of) to connect to a local database. That is a security
issue, and the browser says no.

Well, from within the .htm I can "connect" just fine. I can read the
database and display a recordset. It is just updating it that it
won't let me do (so far!).

Does the fact that I can read the database lead you to believe that I
can also udpate the database? That is, is it just my syntax that is
incorrect? Or does the fact that I'm using an .htm preclude updating
of the database, even though I can read it just fine?

Thanks

mike

 

[Mike Preston]

Mike,
It's been awhile, but If you use a frameset, you can have the *.htm in a frame hosted by the original
HTA operate in the security context of the originating HTA, IOW you can access the filesystem, create
activex, etc without the security bitch.

Thanks for the reply, Mike. Yes, I might have to go with a frame in
the original .hta. I'm pretty sure that would do exactly as you
describe ==> allow the security parameters to be controlled by the
hta window.

But I'm still holding out hope that somebody will see that my syntax
is wrong and give me the key to updating information from an .htm
spawned by an .hta.

Thanks, again.

mike

 

[MikeB]

Thanks for the reply, Mike. Yes, I might have to go with a frame in
the original .hta. I'm pretty sure that would do exactly as you
describe ==> allow the security parameters to be controlled by the
hta window.

But I'm still holding out hope that somebody will see that my syntax
is wrong and give me the key to updating information from an .htm
spawned by an .hta.

If you use window.open to spawn your new page, the new page is going to be hosted by IE and everything in
that page is going to have to run in IE security context.

 

[Mike Preston]

If you use window.open to spawn your new page, the new page is going to be hosted by IE and everything in
that page is going to have to run in IE security context.

Indeed. That was the solution. Many thanks.

mike