0

I am working on designing a asp form which will query an Access database (mdb). The outcome of the form is to query data results between a date range (date from and date to), and output the results on the asp page below. When I try and run the query I receive the following error:

Microsoft JET Database Engine error '80040e07' Syntax error in date in query expression 'name = 'firstname.lastname' And date = ##'.

Note: firstname.lastname correspnds to the real person.

The code it points to two lines which appear as follows:

rstDATA.open "Select * From xxx Where name = '" & username & "' And date = #" & request.Form("ddDate") & "#",cnn, adOpenKeyset, ,adLockReadOnly %>

rstDATA.open "Select * From xxx Where name = '" & username & "' And date = #" & request.Form("ddDate") & "#",cnn, adOpenKeyset, ,adLockReadOnly %>

where xxxx corrsponds to the table.

pnuts
  • 58,317
  • 11
  • 87
  • 139
JaysFan 1977
  • 37
  • 1
  • 6
  • Never ever build your SQL string like that without using parameters. You will get hacked sooner or later. See SQL Injection: http://www.w3schools.com/sql/sql_injection.asp – ZippyV Feb 05 '14 at 19:20

1 Answers1

0

It seems there is no value for ddDate provided. Are you sure you have a html element in your form that has a name attribute with "ddDate" as it's value?

ZippyV
  • 12,540
  • 3
  • 37
  • 52