DaniWeb IT Discussion Community

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)
-   ASP (http://www.daniweb.com/forums/forum62.html)
-   -   Help with asp error (http://www.daniweb.com/forums/thread48525.html)

dave1323 Jun 24th, 2006 4:01 pm
Help with asp datatype mismatch error
 
I am doing a simple profile update webpage, I keep getting this error and can'y figure out how to fix it. I have included the code. The only field in my database that isn't a text field is my userid field which is an autoinumber field.

Microsoft OLE DB Provider for ODBC Drivers error '80040e07'

[Microsoft][ODBC Microsoft Access Driver] Data type mismatch in criteria expression.


Userid = Request.Form("Uidfield")

strSQL = "SELECT * FROM users WHERE Uid='"& Userid &"';"

Set results = cnnEXDB.Execute(strSQL)


Any help with this would be greatly appreciated.

campkev Jun 25th, 2006 9:34 pm
Re: Help with asp error
 
by putting the single quotes around the it, you are making it text instead of a number. also you are leaving yourself open to a sql injection attack. you want this


Userid = CInt(Request.Form("Uidfield"))

'By using CInt you prevent people from passing in inappropriate data



strSQL = "SELECT * FROM users WHERE Uid="& Userid &";"



Set results = cnnEXDB.Execute(strSQL)


All times are GMT -4. The time now is 2:15 pm.

Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC