On Aug 17, 2004, at 11:42 PM, Les Mizzell wrote:
> SELECT * FROM news_pr
> Where Headline like '%#var1#%'
> or BodyText like '%#var2#%'
> or tagline like '%#var3#%'
> and pr_status='Active'
> and Year(pr_date) = #FORM.pubDATE#
> order by pr_date desc
Make sure you are cleaning those variables before you run the query,
you don't want someone sticking in "';drop table users;" in there.
--
Damien McKenna - Web Developer - [EMAIL PROTECTED]
The Limu Company - http://www.thelimucompany.com/ - 407-804-1014
"Nothing endures but change." - Heraclitus
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
- Get Records where form.year = year of date in database..... Les Mizzell
- Re: Get Records where form.year = year of date in d... Barney Boisvert
- One More Stupid Query Question Les Mizzell
- RE: One More Stupid Query Question Joe Eugene
- Re: One More Stupid Query Question Damien McKenna
- Re: One More Stupid Query Question Jochem van Dieten
- Re: Get Records where form.year = year of date in d... Don