Billy wrote:
This string is supposed to provide all records from an MDB database
that match the courier and date specified in the query. I
Response.Write the query and I get a date as 1/27/2007. The date
format style is exactly the field specification as I see in the MDB
Date field in the Courier table. The data for this query exists - both
the courier and date that I'm selecting.
However, when the file continues processing and the results are
displayed - no data!
What am I doing wrong here? Why would an MDB not understand a date
format of mm/dd/yyyy if that is what I'm explicitly seeing in the
field of the table? There are no constraints on the field design.
'<snip of the code>
cfedexSQLstr = "SELECT * FROM Courier WHERE Courier.Courier = 'Fedex'
AND Courier.Date = " & strDate & ""
Date literals need to be delimited with octothorps (#). When you
response.write your sql statement, the date needs to be surrounded with #s
You have other problems:
Using selstar:
http://www.aspfaq.com/show.asp?id=2096
Using an ambiguous date format:
http://classicasp.aspfaq.com/date-ti...ith-dates.html
Using a reserved keyword for a field name (Date):
http://www.aspfaq.com/show.asp?id=2080
Further points to consider:
Your use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/...e36562fee7804e
Personally, I prefer using stored procedures, or saved parameter queries
as
they are known in Access:
http://www.google.com/groups?hl=en&l...TNGP12.phx.gbl http://groups.google.com/groups?hl=e...tngp13.phx.gbl
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
