Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Select Statement
Message
De
17/04/2003 12:44:26
Michael Levy
Cincinnati, Ohio, États-Unis
 
Information générale
Forum:
ASP.NET
Catégorie:
ADO.NET
Titre:
Re: Select Statement
Divers
Thread ID:
00778464
Message ID:
00778921
Vues:
24
>Try :
>String strSelect = "SELECT ins1ln, ins1fn, pxd FROM Policy WHERE agent = '"+ MyAgent + "'" ;

You just have to be careful that you don't expose your application to SQL Injection attacks. You really have to understand the source of MyAgent.

-Mike

>
>You need to put single quotes in the string for SQL, you also need to ADD the value to the string.
>
>>Have you tried parameterizing your query and specifying a value with a Parameter?
>>
>>-Mike
>>
>>>I have a grid on a web form and I am trying to populated it with the following Select statement:
>>>
>>>MyAgent = Session["ProducerCode"].ToString();
>>>String strSelect = "SELECT ins1ln, ins1fn, pxd FROM Policy WHERE agent = MyAgent" ;
>>>
>>>
>>>The problem is that my Where clause does not recognize the variable MyAgent.
>>>
>>>Can anybody help me to populate the Where clause with a Session variable.
>>>
>>>I am using C#.
>>>
>>>Thanks,
>>>Sergio
Michael Levy
MCSD, MCDBA
ma_levy@hotmail.com
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform