|
Posted by KenJ on 01/13/06 22:45
Before getting to your question, let me point out that the unfiltered
input here is a huge SQL injection attack just waiting to happen...
sql="UPDATE rfa SET "&_
"dateClosed='"& cDateClosed &"', "&_
"where rfaId='"& Request.Form("RFAID")&"'"
For the NULL, try quotes instead of parentheses around the word NULL
like this...
cDateClosed = ""
If(Request.Form("dateClosed")= "") Then
cDateClosed = "NULL" ''' <---- building a
string, we need quotes...
end if
bjose21 wrote:
> Hello,
>
> I've been searching the web for quite some time to resolve the problem
> of "1/1/1900" returning in a datetime field in SQL that resulted from a
> blank (not NULL) value being passed to it through an ASP page.
>
> The solution is that a NULL value needs to passed to SQL from ASP.
> Thats fine...I understand the why the problem is happening and the
> solution around it. HOWEVER, I can't seem to get the proper syntax to
> work in the ASP page. It seems no matter what I try the "1/1/1900"
> still results. Below are a few variations of the code that I have
> tried, with the key part being the first section. Does anyone have any
> suggestions?!?!?
> ______________
> cDateClosed = ""
> If(Request.Form("dateClosed")= "") Then
> cDateClosed = (NULL)
> end if
>
> sql="UPDATE rfa SET "&_
> "dateClosed='"& cDateClosed &"', "&_
> "where rfaId='"& Request.Form("RFAID")&"'"
> _______________
>
> ______________
> cDateClosed = ""
> If(Request.Form("dateClosed") <> "") Then
> cDateClosed = (NULL)
> end if
>
> sql="UPDATE rfa SET "&_
> "dateClosed='"& cDateClosed &"', "&_
> "where rfaId='"& Request.Form("RFAID")&"'"
> _______________
>
> ______________
> cDateClosed = ""
> If(Request.Form("dateClosed")= "") Then
> cDateClosed = NULL
> end if
>
> sql="UPDATE rfa SET "&_
> "dateClosed='"& cDateClosed &"', "&_
> "where rfaId='"& Request.Form("RFAID")&"'"
> _______________
> Thanks in advance!!!!
[Back to original message]
|