Question
Search MSSQL DB using stored procedure
I am in the middle of changing our ASP / MSSQL website from
using Dreamweaver recordsets to one that uses stored procedures
with parameters.
I am stuck on the SQL code for a search function. I have a search page that, depending on what the user inputs, lists all products beginning with, or including the search term or number entered. If for instance someone entered EL or 345, I need the results page to show all products containing EL or 345 etc. I have tried the following, but it brings up every record in the database;
CREATE PROCEDURE ResultPage_sp
AS
SELECT *
FROM tbl_Products
WHERE tbl_Model LIKE '%%'
I also need the stored procedure to have parameters included to tighten up the security of our site. Any help would be much appreciated. The tbl_Model is a field in the tbl_Products DB.
I am stuck on the SQL code for a search function. I have a search page that, depending on what the user inputs, lists all products beginning with, or including the search term or number entered. If for instance someone entered EL or 345, I need the results page to show all products containing EL or 345 etc. I have tried the following, but it brings up every record in the database;
CREATE PROCEDURE ResultPage_sp
AS
SELECT *
FROM tbl_Products
WHERE tbl_Model LIKE '%%'
I also need the stored procedure to have parameters included to tighten up the security of our site. Any help would be much appreciated. The tbl_Model is a field in the tbl_Products DB.
