Results 1 to 2 of 2
  1. #1
    Join Date
    May 2002

    SQL Documenting is Not working

    I read on the internet that on SQL you can use "--" or "#" for Documenting - to ignore everything that comes after that mark (like ' in VB or // in C). Yeah, cool, but its not working. I opened up an IIS server and built a simple .asp file that contain sql commands and among them this line :

    R.Open "Select * from [Test]"

    Yup, the asp is worknig. but when i change this line to one of this lines :

    R.Open "Select * from [Test]#BLA"
    R.Open "Select * from [Test]--BLA"

    Its not working.
    I tried with spaces etc. Still not working
    Why? Any solution?

  2. #2
    Senior Member
    Join Date
    Jun 2002
    the use of commenting features is database dependent (which you didn't list). my guess, is that you are using access - which doesn't provide this functionality.

    but i've also experienced similar problems with mysql, if so, then you might try adding a crlf between the command and the comment (for some reason this has always worked with our injection attempts).

    i don't see a problem with using the provided syntax with ms-sql (except that it doesn't support the # comment), or with oracle.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts