Last active
December 8, 2022 04:18
-
-
Save augustyip/e08d77ff942265fbf72cd947b3988db2 to your computer and use it in GitHub Desktop.
ASP Classic VBscript Parameterized SQL Query
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <% | |
| Dim CONN | |
| Set CONN = server.CreateObject("ADODB.Connection") | |
| CONN.Open connstr | |
| Dim CMD | |
| set CMD = server.CreateObject("ADODB.Command") | |
| set CMD.ActiveConnection = CONN | |
| sql = "SELECT * FROM table WHERE name=? OR field LIKE ?" | |
| CMD.Parameters.Append CMD.CreateParameter("@p1", 200, 1, 200, nameVar) | |
| CMD.Parameters.Append CMD.CreateParameter("@p2", 200, 1, 200, "%" + fieldVar + "%") | |
| CMD.CommandType = 1 | |
| CMD.CommandText = sql | |
| Set recordset = server.CreateObject("ADODB.Recordset") | |
| recordset.CursorType = 3 | |
| recordset.CursorLocation = 3 | |
| recordset.Open CMD,, adOpenStatic | |
| totalRecords = recordset.RecordCount | |
| ... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment