Print Page | Close Window

Data disappears using the Like % Operator

Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: Classic ASP Discussion
Forum Description: Discussion on Active Server Pages (Classic ASP).
URL: https://forums.webwiz.net/forum_posts.asp?TID=4100
Printed Date: 30 March 2026 at 5:01am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: Data disappears using the Like % Operator
Posted By: RCorr
Subject: Data disappears using the Like % Operator
Date Posted: 06 July 2003 at 5:40pm

I am searching my database using the Like keyword. I have implemented asp paging to display the results over several pages. I noticed that when I click on next page, I lose my SQL Statement. I solved this by passing along the SQL Statement, e.g. filename.asp?page=2&SQLStament.

My SQL Statment works, however it doesn't like the % in the LIKE keyword when move from page 1. This is my SQL Statement:

rSqlText= SELECT * FROM qryTaskSpecficWorks WHERE UCase(Author) Like '%GRAFF%'

When page 2 is displayed my SQL Statement becomes:

rSqlText= SELECT * FROM qryTaskSpecficWorks WHERE UCase(Author) Like '_AFFð/LM/W3SVC/1/ROOT

I believe this happens because it doesn't know the difference between a space in the address bar (%20) and the % in the Like Clause.

Any assistance would be appreciated.

RCORR


Replies:
Posted By: ljamal
Date Posted: 06 July 2003 at 6:56pm
Never pass a SQL statement as a variable, it leaves you open to SQL injection attacks. if I was to use the statement:
delete from qryTaskSpecficWorks
the page would run it and delete qryTaskSpecficWorks.

To remedy your problem, I suggest just passing the values uses to create the intial SQL query. That way you just re-create the SQL statement without leaving yourself open to SQL injection attacks.

For more information about SQL injection, I suggest searching for SQL injection in your favortie search engine.

-------------
L. Jamal Walton

http://www.ljamal.com/" rel="nofollow - L. Jamal Inc : Web/ Print Design and ASP Programming


Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.08 - https://www.webwizforums.com
Copyright ©2001-2026 Web Wiz Ltd. - https://www.webwiz.net