Search Page 1

[IndyGill]

Hi All

I am trying to build a serach page and I am not sure how to do a few things. I have a form that takes my serach criteria from page1.aspx and displys its reults in page2.aspx. I have put the parameters I pass from one page to another in a session. The results are shown in a datagrid

Problem
I have created a sql statement as follows

SELECT * FROM Services WHERE ServiceDescription LIKE = '" & session("Service&quot & "'"

However this treats the value they entered as a string, so if the user types in "Violence Help" it will look for it in this order. However im trying to get it to search the Database field so it will look for occurences of both "Violence" and "Help" in any order. Basically so the user can search AND OR in what they type in.

I have searched this site and the web and cant find any articles.

Thanks in advance

 

[Custom24]

Well, you've two options

Either hand-roll your SQL statement so that it correctly splits the session variable and then attaches as many OR clauses as necessary

strArray = split(session("Service&quot)

for each str in strArray
strSQL = strSQL & "or ServiceDescription like " etc
next

so that you end up with

SELECT * FROM Services WHERE ServiceDescription LIKE '*Violence*' or ServiceDescription like '*Help*'

-OR-

With Oracle, you get the ctx text cartridge, which allows you to do this kind of stuff really easily. I take it you're using SQL server? I'm sure something similar applies there.

Select * from Table where Contains(Field, 'Violence Help') > 0;

and then you can just insert the search phrase. These text cartridges also implicitly understand phrases like OR, NEAR, AND, and you can return ranked results.

Finally, be careful about inserting user content into SQL statements if this is a public facing (or indeed any) website. Hackers are evil.

Look in the FAQ for this forum. There has been a previous discussion about security implications of this.

Hope this helps




Mark