Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    May 2011
    Posts
    12
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Database Query using SELECT * FROM WHERE and OR giving Syntax error

    Hi, am having an issue when trying to query a database where i want to display a result if it meets either criteria. i.e. I want it to look at the database and determine if two or more of the database fields correspond to a request.form variable. The query works fine with just one field but when i try to query to see if two or more of the database field match i get a syntax error.

    This is the error i get

    [ICODE] Type mismatch: '[string: "SELECT * FROM Vendor"]'

    When i use the following it works:

    [ICODE] RsVendors.Open "SELECT * FROM Vendors where VendorCategory1 = '" + Replace(VendorCategory, "'", "''") + "'", OBJdbConn

    (Just one field ) But when i try this:

    [ICODE] RsVendors.Open "SELECT * FROM Vendors WHERE VendorCategory1 = '" & request.form("VendorCategory") & "'" OR " WHERE VendorCategory2 = '" & request.form("VendorCategory") & "'",OBJdbConn

    It doesn't

    New to this and am really stuck. Would appreciate any help i can get. Thanks

  • #2
    Senior Coder angst's Avatar
    Join Date
    Apr 2004
    Location
    Toronto, Ontario
    Posts
    2,114
    Thanks
    15
    Thanked 122 Times in 122 Posts
    give this a try:

    PHP Code:
    "SELECT * FROM Vendors WHERE ( VendorCategory1 = '" request.form("VendorCategory") & "' OR VendorCategory2 = '" request.form("VendorCategory") & "')",OBJdbConn 

  • #3
    New Coder
    Join Date
    May 2011
    Posts
    12
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Brilliant, thank you so much....

  • #4
    Senior Coder angst's Avatar
    Join Date
    Apr 2004
    Location
    Toronto, Ontario
    Posts
    2,114
    Thanks
    15
    Thanked 122 Times in 122 Posts
    welcome

  • #5
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,436
    Thanks
    75
    Thanked 4,372 Times in 4,337 Posts
    Except you really *SHOULD* protect against SQL injection and handle apostrophes in values.

    So I'd do:
    Code:
    vc = Replace( Trim(Request.Form("VendorCategory")), "'", "''" )
    
    SQL = "SELECT * FROM Vendors WHERE '" & vc & "' IN ( VendorCategory1, VendorCategory2 )"
    
    RsVendors.Open SQL, OBJdbConn
    Or, even better, get rid of the line (not shown) that does
    Code:
    Set RsVendors = Server.CreateObject("ADODB.Recordset")
    And simply use
    Code:
    vc = Replace( Trim(Request.Form("VendorCategory")), "'", "''" )
    
    SQL = "SELECT * FROM Vendors WHERE '" & vc & "' IN ( VendorCategory1, VendorCategory2 )"
    
    Set RsVendors = OBJdbConn.Execute( SQL )
    For more efficiency.

    You like the sneaky trick to check for the value in more than one DB field?

    You've surely seen SQL that does
    Code:
    ... WHERE whatever IN ('xyz','abc','def')
    But there is no reason at all you can't turn it around and use IN( ) as shown.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •