Sorry for the delay - was somewhat busy.
Implement the function where you would have done the search. Thus if on your webform there is a search button, you would have either placed the code behind the button or executed a function that connects to the db and does the work. Now, just prior to binding the command or datareader, declare a string to hold the return value and then set that string to the function's return, i.e. strSQLStatement = MakeSQLQuery(). This will generate the string for the command/datareader. Then the command/datareader will take the query.
Parameters will actually only work if you used a stored procedure and not with a normal SQL query. In the original code example I could see that you used a query directly in your code, thus parameters will have no use.
Yip, the query will be longer, but remember that with this SQL query function it will only be an extremely long string if the user supplied all 12 values. The magic of this function is that it will not place a string in the LIKE clause if the user supplied no value. Try it, you will see it's ok.
If you can, email me the original webform and code behind ([email protected]) and I'll place the function for you there. You will see, it's magic and the least code possible yet it should be stable.
Helga
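The reply above describes a MakeSQLQuery() function that appends a LIKE clause only for the search boxes the user actually filled in. Building that string by concatenating the textbox values into the SQL text is how SQL injection gets into a search page, and in ADO.NET SqlCommand parameters do work with plain command text (CommandType.Text), not only with stored procedures. The following is an added example, not code from Helga's reply or the original poster's page: it keeps the same "skip empty fields" behaviour but sends every user value as a parameter. The table name Contacts, the four column names, and the form-value dictionary are assumptions for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Text;

// Added example: dynamic WHERE clause with parameterised values.
// Table and column names are assumptions; the caller owns the open connection.
public static class SearchQueryBuilder
{
    // Column names are fixed by the developer and never come from the form,
    // so the only dynamic part of the SQL text is which of these are used.
    private static readonly string[] Columns =
        { "FirstName", "LastName", "City", "Company" };

    // formValues maps a column name to the text the user typed in that box.
    public static SqlCommand MakeSQLQuery(SqlConnection conn,
                                          IDictionary<string, string> formValues)
    {
        var sql = new StringBuilder("SELECT * FROM Contacts");
        var cmd = new SqlCommand();
        cmd.Connection = conn;
        cmd.CommandType = CommandType.Text; // plain query, parameters still apply
        var clauses = new List<string>();

        foreach (string column in Columns)
        {
            string value;
            if (!formValues.TryGetValue(column, out value) || string.IsNullOrEmpty(value))
                continue; // empty textbox: no LIKE clause for this column

            string paramName = "@" + column;
            clauses.Add(column + " LIKE " + paramName);

            // The user's text (and the wildcards) go into the parameter value,
            // never into the SQL string, so quotes or semicolons cannot alter it.
            SqlParameter p = cmd.Parameters.Add(paramName, SqlDbType.NVarChar, 100);
            p.Value = "%" + value + "%";
        }

        if (clauses.Count > 0)
            sql.Append(" WHERE ").Append(string.Join(" AND ", clauses.ToArray()));

        cmd.CommandText = sql.ToString();
        return cmd;
    }
}

// Usage from a search button handler (illustrative):
//   using (SqlConnection conn = new SqlConnection(connectionString))
//   {
//       conn.Open();
//       SqlCommand cmd = SearchQueryBuilder.MakeSQLQuery(conn, valuesFromTextBoxes);
//       using (SqlDataReader reader = cmd.ExecuteReader())
//       {
//           grid.DataSource = reader;
//           grid.DataBind();
//       }
//   }
```

With no boxes filled in the command text is just `SELECT * FROM Contacts`; with two boxes it becomes `SELECT * FROM Contacts WHERE FirstName LIKE @FirstName AND City LIKE @City`, and the values travel separately. One caveat worth checking in a search form: `%` and `_` typed by the user are still LIKE wildcards inside the parameter value, so if an exact match on those characters matters, escape them (on SQL Server, by wrapping each in square brackets) before adding the surrounding `%`.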