I am creating following query using input from the web form.

ssql = "Select * from vehtran where repdate between #" cdate(txtdtfrom.text) & "# and #" cdate(txtdtto.text) & "# and Status = 'Rep'"

When I then passing this sql string to another web form which will display the search results through following code

Response.redirect("DispRec.aspx?ssql=" & ssql )

However when I am retrieve this sql query in DispRec.aspx, it gives me following Select query which is wrong

Select * from Vehtran where repdate between #11/19/06 and 11/21/06 and Status = 'Rep' - Assuming that txtdtfrom contains date '11/19/06' and txtdtto contains date '11/21/06'.

Can any one guide me what is wrong in passing the querystring ?

When I view this query string in the same web form it is displayed properly as under

Select * from Vehtran where repdate between #11/19/06# and #11/21/06# and Status = 'Rep'

Help in this regards is highly appreciated.

Regards

Sandeep

The hash symbol is a special URI character and so would have to be escaped to use it in the query string. (or you could post it via a form)

Not really a good idea to pass the entire SQL string anyway, would be better to just pass the parameters and let your results page create it. Otherwise you could get all sorts of SQL querys being passed (inserts, updates, deletes etc) by mischevous users.

PS: The % symbol is also reserved for denoting escaped values so you would also get problems sending SQL containing wildcards via the query string. IE ...Where Name Like '%jam%'...
J