Inserting a field name into query
-
Hello, I have what I think is a simple task, but I have yet to find the answer. I'm trying to insert a table field into a query string from a dropdown list. I'm using MySql for a database, and if I use a control parameter, it inserts the selected value from the dropdown into the query with single quotes, like 'xxx'. MySql wants field name to be unquoted, like xxx. My query is like SELECT name, number, city FROM mytable WHERE xxx LIKE 'something';. And I can't figure out how to insert the xxx into the query without the quotes. I was wondering if any of you have ever done something like this where you entered a field name into a query string. I'm sure this is done somehow. I can't imagine not being able to do this. Any suggestion, and I mean ANY suggestion will be welcomed. How would you do it with MSsql or access?
-
Hello, I have what I think is a simple task, but I have yet to find the answer. I'm trying to insert a table field into a query string from a dropdown list. I'm using MySql for a database, and if I use a control parameter, it inserts the selected value from the dropdown into the query with single quotes, like 'xxx'. MySql wants field name to be unquoted, like xxx. My query is like SELECT name, number, city FROM mytable WHERE xxx LIKE 'something';. And I can't figure out how to insert the xxx into the query without the quotes. I was wondering if any of you have ever done something like this where you entered a field name into a query string. I'm sure this is done somehow. I can't imagine not being able to do this. Any suggestion, and I mean ANY suggestion will be welcomed. How would you do it with MSsql or access?
-
Yes -as Asif says, without the quotes. Dim sFieldName as string = cmbField.Text Dim sSQL as string = "SELECT * FROM MyTable WHERE " & sFieldName & " = 'A Value'" Note that you need to be wary of SQL Injection attacks etc in this case... Can the user modify the combo text?