472,145 Members | 1,416 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,145 software developers and data experts.

Easy string problem: invalid syntax????

I get an incorrect syntax error pointing to the semicolon when I run
this sql statement with a dynamic querystring (geid is primary key
integer datatype):

sql="SELECT firstname,lastname from general where geid = " &
request.QueryString("id") & ";"
...i've tried every possible combination, obviously breaking syntax
rules, and keep getting the error pointing to either the ; or the =

???????
netsports

Feb 8 '07 #1
9 2166

".Net Sports" <ba********@cox.netwrote in message
news:11**********************@p10g2000cwp.googlegr oups.com...
>I get an incorrect syntax error pointing to the semicolon when I run
this sql statement with a dynamic querystring (geid is primary key
integer datatype):

sql="SELECT firstname,lastname from general where geid = " &
request.QueryString("id") & ";"
..i've tried every possible combination, obviously breaking syntax
rules, and keep getting the error pointing to either the ; or the =

???????
netsports
Have you established that Request.QueryString("id") holds a valid value?
<%
sql="SELECT firstname,lastname from general where geid = " &
request.QueryString("id") & ";"
Response.Write sql
Response.End
%>

--
Mike Brind
Feb 8 '07 #2
Pav
On Feb 8, 11:10 pm, ".Net Sports" <ballz2w...@cox.netwrote:
I get an incorrect syntax error pointing to the semicolon when I run
this sql statement with a dynamic querystring (geid is primary key
integer datatype):

sql="SELECT firstname,lastname from general where geid = " &
request.QueryString("id") & ";"

..i've tried every possible combination, obviously breaking syntax
rules, and keep getting the error pointing to either the ; or the =

???????
netsports
Can you use it like this

Dim sID
sID=request.QueryString("id")

sql="SELECT firstname,lastname from general where geid = ' "&sID&" '
". <Remove space between double quote and single quote>
Feb 8 '07 #3
Pav wrote on 08 feb 2007 in microsoft.public.inetserver.asp.general:
On Feb 8, 11:10 pm, ".Net Sports" <ballz2w...@cox.netwrote:
>I get an incorrect syntax error pointing to the semicolon when I run
this sql statement with a dynamic querystring (geid is primary key
integer datatype):

sql="SELECT firstname,lastname from general where geid = " &
request.QueryString("id") & ";"

..i've tried every possible combination, obviously breaking syntax
rules, and keep getting the error pointing to either the ; or the =

???????
netsports

Can you use it like this

Dim sID
sID=request.QueryString("id")

sql="SELECT firstname,lastname from general where geid = ' "&sID&" '
". <Remove space between double quote and single quote>
.... and just when it works this is so VERY DANGEROUS,
as putting a request.QueryString() value directly into a SQL string
without thorough validation, is inviting being severely hacked by sql-
injection, puting your whole database for the hacking world to duplicate,
change and destroy. And sometimes even to allow the hacker to insert a
shell command in the string and opening your HD drives to him.
[.. or her. Are there female hackers btw?]
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Feb 8 '07 #4
Why don't you just leave off the ; ?

Bob Lehmann

".Net Sports" <ba********@cox.netwrote in message
news:11**********************@p10g2000cwp.googlegr oups.com...
I get an incorrect syntax error pointing to the semicolon when I run
this sql statement with a dynamic querystring (geid is primary key
integer datatype):

sql="SELECT firstname,lastname from general where geid = " &
request.QueryString("id") & ";"
..i've tried every possible combination, obviously breaking syntax
rules, and keep getting the error pointing to either the ; or the =

???????
netsports

Feb 9 '07 #5
"Evertjan." <ex**************@interxnl.netwrote in message
news:Xn********************@194.109.133.242...
[.. or her. Are there female hackers btw?]
No. Only wives and girlfriends of hackers who can often be heard asking,
"When are you going to get off that
@#$% COMPUTER?"
--
Roland Hall
Feb 12 '07 #6
Roland Hall wrote on 12 feb 2007 in
"Evertjan." <ex**************@interxnl.netwrote in message
>[.. or her. Are there female hackers btw?]

No. Only wives and girlfriends of hackers who can often be heard
asking, "When are you going to get off that
@#$% COMPUTER?"
Evidently from personal experience, Roland.

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Feb 12 '07 #7

"Roland Hall" <nobody@nowherewrote in message
news:%2****************@TK2MSFTNGP04.phx.gbl...
"Evertjan." <ex**************@interxnl.netwrote in message
news:Xn********************@194.109.133.242...
>[.. or her. Are there female hackers btw?]

No. Only wives and girlfriends of hackers who can often be heard asking,
"When are you going to get off that
@#$% COMPUTER?"
Sorry. I do not believe that for one second.

There is absolutely NO WAY that any half decent hacker would leave their
computer long enough to expose themselves to the possibility of meeting
someone of the opposite sex.

You are mistaking hackers for developers, I reckon.
Feb 12 '07 #8
"Evertjan." <ex**************@interxnl.netwrote in message
news:Xn********************@194.109.133.242...
Roland Hall wrote on 12 feb 2007 in
>"Evertjan." <ex**************@interxnl.netwrote in message
>>[.. or her. Are there female hackers btw?]

No. Only wives and girlfriends of hackers who can often be heard
asking, "When are you going to get off that
@#$% COMPUTER?"

Evidently from personal experience, Roland.
Evidently, although my hat is gray! (O;=

--
Roland Hall
Feb 13 '07 #9
"Mike Brind" <du***@newsgroups.comwrote in message
news:u2**************@TK2MSFTNGP02.phx.gbl...
>
"Roland Hall" <nobody@nowherewrote in message
news:%2****************@TK2MSFTNGP04.phx.gbl...
>"Evertjan." <ex**************@interxnl.netwrote in message
news:Xn********************@194.109.133.242...
>>[.. or her. Are there female hackers btw?]

No. Only wives and girlfriends of hackers who can often be heard asking,
"When are you going to get off that
@#$% COMPUTER?"

Sorry. I do not believe that for one second.

There is absolutely NO WAY that any half decent hacker would leave their
computer long enough to expose themselves to the possibility of meeting
someone of the opposite sex.

You are mistaking hackers for developers, I reckon.
Pr( * Y * )n & h3x1n g0 2g3th3r

--
Roland Hall
Feb 13 '07 #10

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

6 posts views Thread by Chris Connett | last post: by
33 posts views Thread by Jim Hill | last post: by
108 posts views Thread by Bryan Olson | last post: by
3 posts views Thread by krzychu | last post: by
7 posts views Thread by al | last post: by
2 posts views Thread by Tom Larard | last post: by
reply views Thread by Saiars | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.