Menu
I would like to pass some operators through as querystring parameters so that I can convert them, along with a value into an SQL query. The idea would be to let the querystring parameters dictate wether the page returns search results where prices are equal to, greater than or equal to, greater than, less than or less than or equal to as follows:
=, >=, >, < and <=
I'm not sure what the best practise is for passing these operators through is, could anybody help me out? Would you pass through ascii codes or simply text like e, gte, gt, lt, lte and then convert them on results page that builds the query?
Thanks guys!
426
To pass in parameter values, simply append them to the query string at the end of the base URL. In the above example, the view parameter script name is viewParameter1.
URL parameters are made of a key and a value, separated by an equal sign (=). Multiple parameters are each then separated by an ampersand (&).
A query string commonly includes fields added to a base URL by a Web browser or other client application, for example as part of an HTML, choosing the appearance of a page, or jumping to positions in multimedia content.
What are query string parameters? Query string parameters are extensions of a website's base Uniform Resource Locator (URL) loaded by a web browser or client application. Originally query strings were used to record the content of an HTML form or web form on a given page.
As user Kon said, use HttpServerUtility.UrlEncode. I've once written a tiny little class to simplify working with query strings so that I do not have to call Server.UrlEncode.
As a side note, keep an eye on SQL injection aka Little Bobby Tables:
(Source)
69
Server.UrlEncode
27
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
