request.getParameter problem

[riffy]

I have a statement:

String strName = request.getParameter("gameName"

gameName is the name of the input box on the previous page

the sql query I have is:

<%
strQuery = &quot;SELECT * FROM videogames WHERE &quot; + strName + &quot;LIKE '%VName%'&quot;;
rs = stmt.executeQuery(strQuery);
%>

VName is a column in the videogames table with a varchar type

If I enter some text into the input box, it gives an error as it thinks strName is a column in the table; however if I input a number into the input box, the query works fine.

Any suggestions?

Would you want me to post all my code?

Arif

 

[palbano]

Arif,

You problem is simple. You need to see the value of strQuery at runtime by logging it. Then you can see exactly what is wrong with the SQL statement yes?

Then if you don't understand why a SQL statement fails then that is a SQL question not a Java question. For SQL questions use the forum for your specific database here at Tek-Tips.

-pete

 

[nerram]

Yoou need a space before the LIKE. If this isnt the problem post more code.

 

[varocho]

Try this:

strQuery = &quot;SELECT * FROM videogames WHERE VName LIKE '%&quot; + strName + &quot;%' &quot;;