views:

162

answers:

2

Below query is resulting NO rows

lstResults.RowSource = "select EmpId from tblTesting where Empid ='" & Me.txtSearchEmpId.Value & "'"

Where below working fine :

lstResults.RowSource = "select * from tblTesting"

WHere is the fault here? I check the value of '" & Me.txtSearchEmpId.Value & "'" using break point its having the value of "123" (numerical)

My empid is numerical value

Please help

+3  A: 

If your EmpId is numerical, you probably want to remove the single-quotes:

lstResults.RowSource = "select EmpId from tblTesting where Empid = " & Me.txtSearchEmpId.Value

How does that work?

Adam Bernier
Thanks for the help
You're most welcome. Now you can call yourself EvenSmarterVEGA :)
Adam Bernier
+1  A: 
lavinio
Exactly what could happen if they don't do that? Remember, the context is Access, and SQL injection risks are severely limited in Access as compared to other programming environments because of the fact that Access/Jet can't executed batched SQL statements.
David-W-Fenton
@David W. Fenton: In the txtSearchEmpId.Value you could type x' = 'x and your assumption that the resultset will contain 1 or zero rows is blow out of the water e.g. could reveal information you were trying to restrict. Hard to be specific for a SQL statement targeting a table named tblTesting ;)
onedaywhen