December 1st, 2011, 03:28 PM
Passing parameters in .asp to build SQL select string
Apologies for any lack of protocol I don't use forums much.
I am using Frontpage 2003 ( old I know but it's all I have available ) trying to pass a few simple parameters from one .asp page to another in which I want to use the received parameters to build a SQL string e.g. "Select * from xyzfile where field 1=parameter1 AND field 2 = parameter 2" to read data from an Access database.
I can actually achieve this as long as the AND is hard coded in the string that I build. However if I include a parameter3 from the first page which enables me to select and AND or an OR I am unable to get the SQL string to work.
E.G. I can build an SQL string "Select * from Tablex where Field1='::Parameter1::' AND Field2='::Parameter2::'" and it works.
But if I build it to accomodate the 3rd parameter as follows : "Select * from Tablex where Field1='::Parameter1::' " + '::Parameter3::' + "Field2='::Parameter2::'" it fails.
No matter what I do with ' " + & it seems that the parameters can be read as values for comparison but not as part of the SQL statement itself.
Is there a way round this please.
I hope I've made myself clear and apologise if not. I'm not at work so the actual code is not available but if necessary I could post it in the future.
Thanks in anticipation.
December 1st, 2011, 09:28 PM
One tip, use & to concatenate not +
You'll probably need to put the literal strings AND and OR in variables, then use whichever is appropriate when building your sql string.
It is a truism of American politics that no man who can win an election deserves to. --Trevanian, from the novel Shibumi