0

Below query is resulting NO rows 

lstResults.RowSource = "select EmpId from tblTesting where Empid ='" & Me.txtSearchEmpId.Value & "'"

Where below working fine :

lstResults.RowSource = "select * from tblTesting"

WHere is the fault here? I check the value of '" & Me.txtSearchEmpId.Value & "'" using break point its having the value of "123" (numerical)

My empid is numerical value

Please help

Improve this question
1
  • Please take some time to learn a bit about SQL. Does the table have row(s) for EmpID = 123? What data type is the EmpID field? If it is a text field, do a TRIM on txtSearchEmpID Commented Jul 14, 2009 at 6:47

2 Answers 2

Reset to default
3

If your EmpId is numerical, you probably want to remove the single-quotes:

lstResults.RowSource = "select EmpId from tblTesting where Empid = " & Me.txtSearchEmpId.Value

How does that work?

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

First, remove the single quotes from around your value, if it really is a number.

Second, cleanse your input. What if someone types 123 or true into your input field? You've then let them select all inputs. You might want to convert the value to an integer and then back to a string to make sure it is pure.

See xkcd #327: xkcd #327

Improve this answer

2 Comments

Exactly what could happen if they don't do that? Remember, the context is Access, and SQL injection risks are severely limited in Access as compared to other programming environments because of the fact that Access/Jet can't executed batched SQL statements.
@David W. Fenton: In the txtSearchEmpId.Value you could type x' = 'x and your assumption that the resultset will contain 1 or zero rows is blow out of the water e.g. could reveal information you were trying to restrict. Hard to be specific for a SQL statement targeting a table named tblTesting ;)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.