Pondering it further, try escaping your SQL object names, i.e. use square braces around the column and table names. So:
SELECT * FROM [Users] WHERE [UserLogin] = <cfqueryparam cfsqltype="cf_sql_varchar" value="#Form.UserLogin#"> AND [Password] = <cfqueryparam cfsqltype="cf_sql_varchar" value="#Form.Password#"> I suspect 'password' or 'users' may be the name of an access function that requires parameters. Dominic On 23/01/2008, Dominic Watson <[EMAIL PROTECTED]> wrote: > > THANKS EVERYONE. YES, I FOUND THE SINGLE QUOTE BUT IT MADE NOT DIFFERENCE. > > NOW I AM GETTING THIS ERROR MESSAGE: > > > Well it did make a difference then didn't it :p > > I can't answer the question about the error but are you absolutely tied to > using access for the database? If you have the option, I suggest you switch > to something else like SQL Server Express (free) or SQL Server if you or the > client can afford it. > > Also, use cfqueryparam for those values. Someone on the list has just > reported a SQL injection attack today. It happens. Start using cfqueryparam > now and save yourself a headache later. > > Dominic > > -- > Blog it up: http://fusion.dominicwatson.co.uk > -- Blog it up: http://fusion.dominicwatson.co.uk ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:297164 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
