|
|||||||||
|
|||||||||
|
|||||||||
 |
|||||||||
| |
||
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
|
|||||||||
| |
||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
ASP Free Forums Sponsor:
|
|
SlickEdit: Code in over 40 languages across 7 platforms. SlickEdit’s unmatched power, speed, and flexibility allows even the most accomplished developers to write better code faster. Download a free trial today! |
|
#1
May 13th, 2008, 05:36 AM
|
|||
|
|||
|
Database - Recordset - Search Queries
Hi all,
am new to this, so hope you are all well. Ive recently got back into a project I started some months ago. Its an information site. It uses a classic ASP link, to aan MS Access backend. I use a search, but it has two major flaws Id like to get fixed: 1) Case Sensative-need to remove it 2) Punction Marks kill it- a little help? The code is below: Code:
<div id="search">
<form method="post" action="serch.asp"> Enter Location: <input type="text" size="10" name="search" /><input type="submit" name="submit" value="Go" /></form>
</div>
<%
' see if the form SUBMIT button was pressed
if request.form("submit") = "Go" then
Search = request.form("search")
If (search = "") Then
SearchVal = true
Error = true
End if %>
<table>
<tr>
<th>Location Name</th>
<th> Location Address</th>
<th>Location Rating</th>
<th>Location Catogory</th>
</tr>
<%
set conn=server.createobject("ADODB.Connection")
strMDBpath = Server.MapPath("DisabilityNet.mdb")
conn.open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=" & strMDBPath
set objRS=server.createobject("ADODB.Recordset")
' build the SQL statement
strSQL = "SELECT * FROM Locations WHERE LocationName LIKE '%" & Search & "%';"
'pass the SQL command to the db connection
objRS.open strSQL,conn,1,2
' loop through all the db results
Do while not objRS.EOF
response.write "<p>"
' output the id field to the screen
response.write "<tr>"
response.write "<td>"
response.write objRS("LocationName")
response.write "</td>"
response.write "<td>"
response.write objRS("LocationAddress")
response.write "</td>"
response.write "<td>"
response.write objRS("LocationRating")
response.write "</td>"
response.write "<td>"
response.write objRS("LocationCategory")
response.write "</td>"
response.write "</tr>"
' move to the next object in the record set
objRS.movenext
' loop again
Loop
' close the db connection (important)
%></table>
<%
end if
%>
Thanks in advance
|
|
#2
May 13th, 2008, 05:44 AM
|
||||||
|
||||||
|
hi and welcome to the forum!!
Cant see where its case-sensitive!! But for punctuation marks, u need to check for single quotes for every user entered thing, its called sql injections, try this Code:
Search = Replace(request.form("search"), "'", "")
You can read about it here http://www.w3schools.com/vbscript/func_replace.asp
|
|
#3
May 13th, 2008, 06:01 AM
|
||||
|
||||
|
Hi,
In terms of case sensitivity, you could force everything to uppercase to make sure that you are comparing like for like: Code:
strSQL = "SELECT * FROM Locations WHERE UCase(LocationName) LIKE '%" & UCase(Search) & "%';"
|
|
#4
May 13th, 2008, 07:37 AM
|
|||
|
|||
|
Quote:
Sorry, Ive not made my request clear, it needs to be case INsenastive, so if I enter DOG, Dog or dog, the output is the same.
|
|
#5
May 13th, 2008, 07:42 AM
|
||||
|
||||
|
Quote:
Hi, Have you tested the code I posted? Basically all it is doing is making sure that anything you search on is forced to uppercase. So if you search for dOg, dog, doG, DoG etc. it will be forced to DOG and compared with DOG. You can display the records in the case in which they are stored, they are only treated as uppercase for the comparison!!
|
|
#6
May 13th, 2008, 09:18 AM
|
||||
|
||||
|
Quote:
unfortuantely...if you had just tested sync's suggestion...you would have clearly seen what it's doing...now you have to wait and probably won't get another response vs testing...implementing...moving on... it's important to test one's suggestion....if it doesn't work..then we can tackle it at another angle....but it would behoove you to take advice from more experienced developers rather than rely on visual logic on a side note....you can eliminate the special characters with a little used vbs object called regex.....it may look intimidating..but what you are asking for....alphanumeric w/space....is listed in the following link http://www.15seconds.com/issue/010301.htm
__________________
Please give respect to those that helped solve an issue by clicking on the reputation icon 
|
|
#7
May 13th, 2008, 09:21 AM
|
|||
|
|||
|
Quote:
Thank you!
|
|
| Viewing: ASP Free Forums > Programming > ASP Development > Database - Recordset - Search Queries |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
