Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
erico
Starting Member
34 Posts |
 Posted - 2007-05-22 : 13:33:17
|
| Has anyone ever heard of using Response.Write to test sql queries in the query designer? Here is the actual suggestion I was given recently:Response.write your sql query. Copy the query to your db query tool and run the query. Adjust the query as necessary to return the recordset you desire. When you have the proper query, adjust your asp code.The query editor/designer doesn't like certain symbols and extraneous code. So how exactly can you use Response.Write with a sql query without getting errors in designer? |
|
|
dinakar
Master Smack Fu Yak Hacker
2507 Posts |
Posted - 2007-05-22 : 13:39:11
|
| Most of the times, if you use Parameterized Queries, a majority of the errors you see with quotes, special characters go away. Are you using parameterized queries in your code? or do you do raw concatenation?Dinakar NethiSQL Server MVP************************Life is short. Enjoy it.************************http://weblogs.sqlteam.com/dinakar/ |
 |
|
|
erico
Starting Member
34 Posts |
Posted - 2007-05-22 : 13:46:17
|
| I tried this from inside the query designer then clicked the ampersand to run it. Thats when I saw the errors. I wasn't sure exactly how this guy wanted me to test this. I interpreted his reply as meaning put the sql code between the quotes in the Response.Write.<% Response.Write RS ("SELECT T_ProgramGuests.ProgramID, T_ProgramGuests.GuestName, T_ProgramGuests.GuestDescription, T_ProgramLinks.URL, T_ProgramLinks.Description FROM T_ProgramGuests LEFT OUTER JOIN T_ProgramLinks ON T_ProgramGuests.ProgramID = T_ProgramLinks.ProgramID WHERE (T_ProgramGuests.ProgramID = 9734)" %>So how exactly should this read? |
|
|
|
erico
Starting Member
34 Posts |
Posted - 2007-05-22 : 14:36:16
|
| I learned that parameterized means using @ symbol in my query code. So the answer to dinakar's reply is no I'm not using parameterized queries. I'd still like to know how to setup the syntax so that I can test the sql code as a query in designer. So if anyone can help with this that would be great. |
|
|
|
dinakar
Master Smack Fu Yak Hacker
2507 Posts |
Posted - 2007-05-22 : 14:44:28
|
| Yes, that might resolve some of the issues you have, in addition to preventing SQL Injection attacks. Do a quick google search and am sure you will find tons of articles with code samples.Dinakar NethiSQL Server MVP************************Life is short. Enjoy it.************************http://weblogs.sqlteam.com/dinakar/ |
|
|
|
|
|
|
Testing queries