Injecting form value into query

  • User-411371642 posted

    Hello, and happy new year!

    New on this forum and also a little bit rusted, so please be kind! ;)

    Can someone please help me figure out how to pass this form input value to the access query?

    form_ID = request("ID")
    'if I hardcode the ID, the page loads properly
    query = "SELECT * FROM MYTABLE WHERE ID = 2"
    'however, when I try to use the value coming from a form, I get a 500 for anything ranging from syntax to data type.
    query = "SELECT * FROM MODEL_TIMESHEETS WHERE ID = '"& (request("ID")) &"'"
    'rest of script
    Set db = Server.CreateObject("ADODB.Connection")
    db.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("database/INVOICING_DATA.mdb") & ";UID=;PWD="
    set objRS = Server.CreateObject("ADODB.RecordSet")
    objRS.CursorLocation = aduseclient
    objRS.CursorType = adOpenStatic
    objRS.LockType = adLockReadOnly
    objRS.Open query,db, , , adcmdtext

    I was pretty sure this was a correct approach, and I see it working in other files, but as I said, I'm a little rusty.

    Any help or guidance is appreciated!


    Friday, January 3, 2020 4:08 AM

  • User-848649084 posted


    You could use the below code to fetch data based on form value:

    <form method="post" name="form">
    First Name: <input type="text" name="ID"><br><br />
    <input type="Submit" value="More_Info" name="btn">
    </form>
    <%
        ' Value of the submit button; empty until the form has been posted
        btnv = Request.Form("btn")
        ' Response.Write (btnv)
        If btnv = "More_Info" Then
            Dim objConn
            Set objConn = Server.CreateObject("ADODB.Connection")
            objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=D:\aspsamplesite\Database1.mdb;"
            objConn.Open
            'Response.Write (f_name)
            ' The posted value is concatenated into the SQL text as a quoted string literal
            Set str = objConn.execute("SELECT * FROM Table1 WHERE fname='"& (request("ID")) &"';")
            Response.Write("<table border=1>")
            Response.Write "<tr><td> fname </td><td> lname</td></tr>"
            If str.BOF And str.EOF Then
                ' No data
            Else
                Do While (Not str.EOF)
                    Response.Write "<tr><td>" & str("fname") & "</td><td>" & str("lname") & "</td></tr>"
                    ' Advance the cursor, otherwise the loop never ends
                    str.MoveNext
                Loop
            End If
            Response.Write("</table>")
            str.Close
            objConn.Close
        End If
    %>



    Friday, January 3, 2020 9:36 AM
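
Added example, not code from either poster: the question's query with the form value bound as an ADO parameter instead of being concatenated into the SQL string, so the value cannot change the statement and is sent with a numeric type rather than as a quoted literal. It assumes `ID` is a numeric (Long Integer or AutoNumber) column and that the form uses `method="post"`; `IsPositiveInteger` is a hypothetical helper.

```vbscript
' Place inside <% ... %> on the classic ASP page that receives the form.
' ADO constants are written out so adovbs.inc does not have to be included.
Const adCmdText = 1
Const adParamInput = 1
Const adInteger = 3

Dim rawID, db, cmd, objRS, fld

' Assumption: the form is submitted with method="post".
rawID = Trim(Request.Form("ID"))

' Reject anything that is not a plain whole number before touching the database.
If Not IsPositiveInteger(rawID) Then
    Response.Status = "400 Bad Request"
    Response.Write "ID must be a whole number."
    Response.End
End If

Set db = Server.CreateObject("ADODB.Connection")
db.Open "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & _
        Server.MapPath("database/INVOICING_DATA.mdb") & ";UID=;PWD="

Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = db
cmd.CommandType = adCmdText
' The ? is a placeholder: the value is bound as data and never spliced into the SQL text.
cmd.CommandText = "SELECT * FROM MODEL_TIMESHEETS WHERE ID = ?"
cmd.Parameters.Append cmd.CreateParameter("ID", adInteger, adParamInput, , CLng(rawID))

Set objRS = cmd.Execute

If objRS.EOF Then
    Response.Write "No record found."
Else
    For Each fld In objRS.Fields
        ' HTML-encode on output so stored values cannot inject markup into the page.
        Response.Write Server.HTMLEncode(fld.Name & ": " & fld.Value & "") & "<br>"
    Next
End If

objRS.Close : db.Close
Set objRS = Nothing : Set cmd = Nothing : Set db = Nothing

' Hypothetical helper: 1 to 9 digits only, so CLng cannot overflow a Long.
Function IsPositiveInteger(s)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    IsPositiveInteger = re.Test(s)
End Function
```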