Hi to all.
I'm making a web application in which users enter text
for a person's name, last name, sex, etc.
But user doesn't have to populate all text boxes, so I don't know how to
make query without these conditions (for example if I have an empty string
for a name) .
I've got 9 text boxes, so I can't write all combinations - it's to many of
them.
Thanks a lot 4 1479
Hi Ime,
I generally use lots of ifs, i know you have to write a lot of cide, but it
works, and its less than doing 9 different select statements! eg (in C#,
sorry)
string query, where;
query "SELECT * FROM table WHERE (";
// textbox 1
if(textbox1.text != "")
where = "(field = '" + textbox1.text + "')";
// textbox 2
// textbox 3
// etc
// finalise
query += where + ") ORDER BY field ASC";
Of course, you need some code to and in " AND " into your where string, but
thats the basics. Then just query your database with the string query.
HTH
Dan
"ime" wrote: Hi to all. I'm making a web application in which users enter text for a person's name, last name, sex, etc. But user doesn't have to populate all text boxes, so I don't know how to make query without these conditions (for example if I have an empty string for a name) . I've got 9 text boxes, so I can't write all combinations - it's to many of them. Thanks a lot
Thanks Dan
"dhnriverside" <da*@musoswire.com> wrote in message
news:16**********************************@microsof t.com... Hi Ime,
I generally use lots of ifs, i know you have to write a lot of cide, but it works, and its less than doing 9 different select statements! eg (in C#, sorry)
string query, where; query "SELECT * FROM table WHERE (";
// textbox 1 if(textbox1.text != "") where = "(field = '" + textbox1.text + "')";
// textbox 2 // textbox 3 // etc
// finalise query += where + ") ORDER BY field ASC";
Of course, you need some code to and in " AND " into your where string, but thats the basics. Then just query your database with the string query.
HTH
Dan
"ime" wrote:
Hi to all. I'm making a web application in which users enter text for a person's name, last name, sex, etc. But user doesn't have to populate all text boxes, so I don't know how to make query without these conditions (for example if I have an empty string for a name) . I've got 9 text boxes, so I can't write all combinations - it's to many of them. Thanks a lot
Make sure you validate any User Supplied Fields to guard against SQL
injection with this approach though!
"ime" wrote: Hi to all. I'm making a web application in which users enter text for a person's name, last name, sex, etc. But user doesn't have to populate all text boxes, so I don't know how to make query without these conditions (for example if I have an empty string for a name) . I've got 9 text boxes, so I can't write all combinations - it's to many of them. Thanks a lot
=?Utf-8?B?TWFydGluIFNtaXRo?= <Ma*********@discussions.microsoft.com>
confessed in news:57**********************************@microsof t.com: Make sure you validate any User Supplied Fields to guard against SQL injection with this approach though!
"ime" wrote:
Hi to all. I'm making a web application in which users enter text for a person's name, last name, sex, etc. But user doesn't have to populate all text boxes, so I don't know how to make query without these conditions (for example if I have an empty
string for a name) . I've got 9 text boxes, so I can't write all combinations - it's to many
of them. Thanks a lot
Good point about injection! The secure way to insert is to us a
parameterized query. That said, I'm not going to use one, but
demonstrate a simple insert.
Why all the ifs?
Make sure your database fields can accept null values.
Then:
String var1, var2, var3, var4;
var1 = TextBox1.Text.Replace ("'","''");
var2 = TextBox2.Text.Replace ("'","''");
var3 ...
Then build your SQL string: (Linebreaks added for clarity).
sql = "INSERT INTO Table
(
field1,
field2,
field3,
field4
) VALUES ( " +
var1 + ", " +
var2 + ", " +
var3 + ", " +
var4 + ";"
)
My syntax may be off, but do you get the idea?
-- ipgrunt This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: ben |
last post by:
I have been using a nasty combination of php and mysql to generate a
narrow down by attribute bar as seen on the likes of shopping.com. For
example a user could select 4X Zoom to narrow down a...
|
by: Ryan Govostes |
last post by:
Eh, I was wondering if anyone could help me with a SQL query problem
I'm having. I'm a complete newbie to SQL and MySQL, so any help would
be greatly appreciated.
I am using PHP to allow users...
|
by: Jim |
last post by:
I need help on a query.
There is a common titles database for several radio stations
Some titles are enabled and some are not enabled for each station.
Example of some tables:
Titles ...
|
by: Michelle |
last post by:
Hi all,
I have a query that scans huge table consists of 8 or more millions
records. The funny thing is that if I use the query with local
variable, the query takes more than 1 minutes,...
|
by: majsen |
last post by:
Hi, I have problem running this query. It will time out for me...
My database are small just about 200 members.
I have a site for swaping appartments (rental). my query should look
for match
in...
|
by: Greg Strong |
last post by:
Hello All,
Is it possible to create multiple random numbers in a query where
there are numerous records?
I've created a custom function. When I use it in a query it creates
the same random...
|
by: michael.boucher |
last post by:
I have an address field of 60000+ that I am trying to clean. One thing
I am trying to do is take every apartment number and make it more
standard. Here is my question:
How do I take a record...
|
by: Samik2003 |
last post by:
Hello,
The problem is my query is not extracting the correct xml data from the database :
Is there something which I am missing??
ANy help would be appriciated.
Thanks,
Sam.
THis is the...
|
by: Yash |
last post by:
Hi,
I am using SQL 2000 SP4.
I have compared 2 scenarios:
Scenario 1:
insert into #bacs_report
SELECT .....
WHERE <conditions>
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |