December 1st, 2011, 04:28 PM
Passing parameters in .asp to build SQL select string
Apologies for any lack of protocol I don't use forums much.
I am using Frontpage 2003 ( old I know but it's all I have available ) trying to pass a few simple parameters from one .asp page to another in which I want to use the received parameters to build a SQL string e.g. "Select * from xyzfile where field 1=parameter1 AND field 2 = parameter 2" to read data from an Access database.
I can actually achieve this as long as the AND is hard coded in the string that I build. However if I include a parameter3 from the first page which enables me to select and AND or an OR I am unable to get the SQL string to work.
E.G. I can build an SQL string "Select * from Tablex where Field1='::Parameter1::' AND Field2='::Parameter2::'" and it works.
But if I build it to accomodate the 3rd parameter as follows : "Select * from Tablex where Field1='::Parameter1::' " + '::Parameter3::' + "Field2='::Parameter2::'" it fails.
No matter what I do with ' " + & it seems that the parameters can be read as values for comparison but not as part of the SQL statement itself.
Is there a way round this please.
I hope I've made myself clear and apologise if not. I'm not at work so the actual code is not available but if necessary I could post it in the future.
Thanks in anticipation.
December 1st, 2011, 10:28 PM
One tip, use & to concatenate not +
You'll probably need to put the literal strings AND and OR in variables, then use whichever is appropriate when building your sql string.
I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton