Writing dyanmic SQL in an ASP page

By Bill Graziano on 29 July 2000 | Tags: Queries


Alejandro writes "Please help me, I can't write the syntax for something like this: search?cat1=America&cat2=EEUU . . . "

I can't write the syntax for something like this:

search?cat1=America&cat2=EEUU

I have this:

MySQL = "SELECT * FROM MiTable WHERE cat1='" & Request.QueryString("cat1") & cat2='" & Request.QueryString("cat2") "'"

Alejandro,

I always try to start with the results when I'm writing dynamic SQL in an ASP page. I'm guessing you want to end up with something like this:

Select *
From MiTable
Where cat1 = 'America'
and cat2 = 'EEUU'

I also try to simplify my code so that it's easier to read. When I'm building complex strings (like SQL statements) it really help to break it into multiple lines that each append to the string. Your code might look something like this:

MySQL = "SELECT * FROM MiTable "
MySQL = MySQL & " Where cat1='" & Request.QueryString("cat1") & "'"
MySQL = MySQL & " and cat2='" & Request.QueryString("cat2") & "'"

Remeber that SQL Server likes single quotes around character constants (strings) and not double quotes. Also remember to leave spaces between SQL keywords if you use this approach.

I would also be careful using Select *. This will bring back every column in a table or view. If tables change over time you might be returning values you don't need. I'd suggest you list the specific fields you want in your Select statement.


Related Articles

Using Dynamic SQL in Stored Procedures (7 March 2011)

Joining to the Next Sequential Row (2 April 2008)

Writing Outer Joins in T-SQL (11 February 2008)

Aggregating Correlated Sub-Queries (23 October 2007)

How to Use GROUP BY with Distinct Aggregates and Derived tables (31 July 2007)

How to Use GROUP BY in SQL Server (30 July 2007)

Returning Complex Data from User-Defined Functions with CROSS APPLY (11 June 2007)

Returning a week number for any given date and starting fiscal month (2 May 2007)

Other Recent Forum Posts

Update error. Subquery returned more than 1 value (4d)

Resource Governor Opinions (5d)

Order by string has dash (5d)

SQL Server to PostgreSQL (5d)

SQL Union Create Custom Field to Different 2 Tables Output (5d)

Bulk alter SQL column data value in MS-SQL2019 in trans-sql (5d)

Bulk alter SQL column data value in MS-SQL2019 in a Trans-Sql (5d)

Filter query base on date field (10d)

- Advertisement -