Martijn Pieters wrote:
At 23:50 02/08/99 , Donald Holten wrote:
Well, I've tried escaping the '%', single quotes instead of double quotes, sqlvar instead of var, and none of those have worked. Here's the code again:
select * from Users where <!--#var searchkey--> like "%<!--#var valuekey-->%" order by <!--#var searchkey-->
...
SQL used:
select * from Users where firstname like "%Donald%" order by firstname
Like I said, it looks to me like the SQL it's trying to use is fine.
In SQL _double_ quotes are used for escaping column names that are case sensitive or contain non-alpha characters. For strings you should use single quotes, so: select * from Users where firstname like '%Donald%' order by firstname Should do what you want --------- Hannu