Not working?????

M

Matt

why isn't this working??? I get an 'Expected end of statement' error
on last line

<!-- #include file="adovbs.inc" -->

<%

function SetCheckbox(arg)
if arg then
SetCheckbox="checked"
else
SetCheckbox=""
end if
end function

%>

<%

Dim Conn, RS, SQL
Dim strConnect, strJobArea

strJobArea = Request.Form("SelectJobArea")


strConnect = "Driver={Microsoft Access Driver
(*.mdb)};DBQ=\\CALSJ1\PMAPPS\pmdata.mdb"
Set conn = Server.CreateObject("ADODB.Connection")

SQL = "SELECT J.*, D.JobName " _
& " FROM mstJobs AS J, dtlContacts AS D " _
& " WHERE J.JobNumber = D.JobNumber " _
& " AND J.JobAdministrator= '" & strJobArea & "' " _
& " AND J.ContractStatusClosed = False " _
& " AND J.ContractStatus = True " _

Set RS = conn.Execute( SQL )

%>
 
B

Bob Barrows [MVP]

Matt said:
why isn't this working??? I get an 'Expected end of statement' error
on last line
Click to expand...
& " AND J.ContractStatus = True " _
Set RS = conn.Execute( SQL )
Click to expand...
You have a line continuation character with no line continuation ...


Further points to consider:
You use of dynamic sql is leaving you vulnerable to hackers using sql
injection:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23

See here for a better, more secure way to execute your queries by using
parameter markers:
http://groups-beta.google.com/group/microsoft.public.inetserver.asp.db/msg/72e36562fee7804e

Personally, I prefer using stored procedures, or saved parameter queries as
they are known in Access:

Access:
http://www.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&[email protected]

http://groups.google.com/groups?hl=...=1&[email protected]
 
M

Matt

After removing the continuation character I am getting...

Error Type:
ADODB.Connection (0x800A0E78)
Operation is not allowed when the object is closed.
 
D

Dave Anderson

Matt said:
After removing the continuation character I am getting...

Error Type:
ADODB.Connection (0x800A0E78)
Operation is not allowed when the object is closed.
Click to expand...

Open your connection. It's pointless to create a connection string and then
fail to use it.
 
M

Matt

I added:

conn.Open strConnect
Set RS = conn.Execute( SQL )

but now i get the following error - 'Too few parameters. Expected 1"

????
 
M

Matt

I added:

conn.Open strConnect
Set RS = conn.Execute( SQL )

but now i get the following error - 'Too few parameters. Expected 1"

????
 
B

Bob Barrows [MVP]

Matt said:
I added:

conn.Open strConnect
Set RS = conn.Execute( SQL )

but now i get the following error - 'Too few parameters. Expected 1"
Click to expand...
You should go read the links i posted in my first reply.

It is time to take a look at the actual sql statement:
response.write SQL
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Syntax Error in SQL Update Statement 3
Data Type Mismatch 1
Help with code 6
INSERT INTO error 3
ASP Access Recordset Paging 6
The correct way to close a database connection? 12
Form Data not carrying over??? 4
DB not unlocking? 2

Members online

No members online now.
Total: 53 (members: 0, guests: 53)
Robots: 181

Forum statistics

Threads
473,764
Messages
2,569,564
Members
45,039
Latest member
CasimiraVa

Latest Threads

Top