I'm trying to search an SQL table for a key=value where the user gets to select the key and the value. I have a select method on a DTML document to set the key and a text input to set the value, but I cannot successfully use them in the SQL without getting single quotes around them. select * from Users where <!--#sqlvar searchkey type=string--> = <!--#sqlvar searchvalue type=string--> order by <!--#sqlvar searchkey type=string--> And here's what I get: Error, exceptions.SyntaxError: unexpected token sequence.near :: "onald'\012order by"*" 'firstname'" ******************************* current state = 70 expects: 'numeric_literal', 'user_defined_name', ('nomatch1',) current token = ((-8, 'character_string_literal'), 'firstname') SQL used: select * from Users where 'firstname' = 'Donald' order by 'firstname' Any ideas? Thanks! Donner