On Aug 17, 2004, at 11:42 PM, Les Mizzell wrote:
> SELECT * FROM news_pr
> Where Headline like '%#var1#%'
> or BodyText like '%#var2#%'
> or tagline like '%#var3#%'
> and pr_status='Active'
> and Year(pr_date) = #FORM.pubDATE#
> order by pr_date desc

Make sure you are cleaning those variables before you run the query;
you don't want someone sticking in "';drop table users;" in there.
--
Damien McKenna - Web Developer - [EMAIL PROTECTED]
The Limu Company - http://www.thelimucompany.com/ - 407-804-1014
"Nothing endures but change." - Heraclitus
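Binding each value with `cfqueryparam` keeps input such as the string quoted in the reply above from ever being parsed as SQL. This is an added example, not part of the original thread: `dsn`, `qNews` and `likeTerm` are hypothetical names, and the `ESCAPE` clause and the parentheses around the OR group are assumptions about the database and the intended filter.

```cfml
<!--- Added example. Assumed: var1..var3 hold the user's search terms,
      "dsn" is a placeholder datasource name, and the database accepts
      the standard LIKE ... ESCAPE clause. --->
<cfscript>
// Hypothetical helper: build a "contains" pattern for LIKE.
// User-typed % and _ are escaped with "!" so they match literally
// instead of acting as wildcards; the wrapping % signs are ours.
function likeTerm(s) {
    s = Replace(s, "!", "!!", "all");
    s = Replace(s, "%", "!%", "all");
    s = Replace(s, "_", "!_", "all");
    return "%" & s & "%";
}
</cfscript>

<cfquery name="qNews" datasource="#dsn#">
    SELECT *
    FROM news_pr
    <!--- Parentheses are an assumption about intent: without them AND binds
          tighter than OR, so the status and year filters would apply only to
          the tagline match. --->
    WHERE ( Headline LIKE <cfqueryparam value="#likeTerm(var1)#" cfsqltype="cf_sql_varchar"> ESCAPE '!'
         OR BodyText LIKE <cfqueryparam value="#likeTerm(var2)#" cfsqltype="cf_sql_varchar"> ESCAPE '!'
         OR tagline  LIKE <cfqueryparam value="#likeTerm(var3)#" cfsqltype="cf_sql_varchar"> ESCAPE '!' )
      AND pr_status = 'Active'
      <!--- cf_sql_integer makes ColdFusion reject a non-integer year
            before the statement is sent to the database. --->
      AND Year(pr_date) = <cfqueryparam value="#FORM.pubDATE#" cfsqltype="cf_sql_integer">
    ORDER BY pr_date DESC
</cfquery>
```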