Posted by @sh on 05/22/06 12:46

Many thanks for all the help posted in response, I think I'll take the
suggestion below although do take into account all points raised, especially
that regarding SQL Injection - this application isn't a public one, its
within a secure administration panel, therefore the user would first have to
get beyond the security aspect before they could even attempt such an
exploit.

Also, all users are actually staff and so the risks are minimal.

Thanks once again!

Cheers, Ash

"Hugo Kornelis" <hugo@perFact.REMOVETHIS.info.INVALID> wrote in message
news:5nfs62p9nikiuv18v1mk2c2a2sk9podief@4ax.com...
> On 19 May 2006 05:44:05 -0700, SQL wrote:
>
>>--This should return only 2's that are not part of a bigger number
>>select * from tbl_listids where PropertyID like '%,2,%' OR
>>PropertyID like '2,%'
>>or PropertyID like '%,2'
>
> Hi Denis,
>
> Or (shorter)
>
> SELECT something
> FROM listids
> WHERE ',' + PropertyID + ',' LIKE '%,2,%'
>
> --
> Hugo Kornelis, SQL Server MVP

• Next in forum: how to insert data into to image datatype
• Prev in forum: ANN: Database Workbench 2.8.6 released
• Thread view: Re: SQL IN Query

[Reply to this message]