Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Code Project
  1. Home
  2. General Programming
  3. Visual Basic
  4. SQL query with where clause

SQL query with where clause

Scheduled Pinned Locked Moved Visual Basic
databasehelptutorial
4 Posts 2 Posters 0 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S Offline
    S Offline
    Shanmukeswara Rao
    wrote on last edited by
    #1

    Hi friends In my SQL query I have like this Str = "ame's account" Qr= "select * from Tab where fld='" & Str & "'" Because of the 's in the where clause string its showing syntax error how to solve this Any clarification let you know, Thanks Shan

    O 1 Reply Last reply
    0
    • S Shanmukeswara Rao

      Hi friends In my SQL query I have like this Str = "ame's account" Qr= "select * from Tab where fld='" & Str & "'" Because of the 's in the where clause string its showing syntax error how to solve this Any clarification let you know, Thanks Shan

      O Offline
      O Offline
      orion807
      wrote on last edited by
      #2

      Shanmukeswara Rao wrote: Str = "ame's account" Qr= "select * from Tab where fld='" & Str & "'" I have had this same problem before. You should use parameters in your query. Combining the strings like this is prone to a SQL injection attack also. The way you use a parameter query depends on if you are using MS SQL or ODBC (MS Access) for your database. If you provide more information or more sample of your code I can show you better. Laterness... Doug

      S 1 Reply Last reply
      0
      • O orion807

        Shanmukeswara Rao wrote: Str = "ame's account" Qr= "select * from Tab where fld='" & Str & "'" I have had this same problem before. You should use parameters in your query. Combining the strings like this is prone to a SQL injection attack also. The way you use a parameter query depends on if you are using MS SQL or ODBC (MS Access) for your database. If you provide more information or more sample of your code I can show you better. Laterness... Doug

        S Offline
        S Offline
        Shanmukeswara Rao
        wrote on last edited by
        #3

        My Database is MSAccess, Earlier I used to solve once this, concatenated with ` symbol before and after the string, now it is not working. Thanks Shan

        O 1 Reply Last reply
        0
        • S Shanmukeswara Rao

          My Database is MSAccess, Earlier I used to solve once this, concatenated with ` symbol before and after the string, now it is not working. Thanks Shan

          O Offline
          O Offline
          orion807
          wrote on last edited by
          #4

          Str = "ame's account" Qr = "select * from Tab where fld=?" Dim cmd As OdbcCommand = New OdbcCommand(Qr, OdbcConnection1) Dim param1 as OdbcParameter = New OdbcParameter("name", OdbcType.VarChar) param1.Value = Str cmd.Parameters.Add(param1) then execute the command... Dim dr As OdbcDataReader = cmd.ExecuteReader() Laterness... Doug

          1 Reply Last reply
          0
          Reply
          • Reply as topic
          Log in to reply
          • Oldest to Newest
          • Newest to Oldest
          • Most Votes

          • Login
          • Don't have an account? Register
          • Login or register to search.
          • First post
            Last post
          0
          • Categories
          • Recent
          • Tags
          • Popular
          • World
          • Users
          • Groups