% '********************************************** ' ÈÀÏ : apt_list.asp ' ¼³¸í : ¾ÆÆÄÆ®¸ñ·Ï ' °³¹ßÀÏÀÚ : 2007/07/04 ' °³¹ßÀÚ : ±è¼ø·Ê ' E-mail : eclipse7@hanmail.net '********************************************** %> <% apt_name = Request("apt_name") lo_code = Request("lo_code") apt_use = request("apt_use") apt_name = SQL_Injection(apt_name) lo_code = SQL_Injection(lo_code) apt_use = SQL_Injection(apt_use) apt_use = UCase(apt_use) sql = "" sql = sql & " SELECT menu_img, ap_code, apt_name " sql = sql & " FROM TB_apt_info " sql = sql & " WHERE (menu_img IS NOT NULl AND menu_img<>'') " sql = sql &"AND (del_flag Is null or del_flag = '') " If lo_code <> "" then sql = sql & " And left(ap_code,4) = '"&lo_code&"' " End if If apt_name <> "" Then sql = sql & " And apt_name like '%"&apt_name&"%' " End If If apt_use = "O" Then sql = sql & " And apt_use = 'O' " Else sql = sql & " And (apt_use is null or apt_use='' or apt_use ='A') " End if sql = sql & " order by apt_name " Set Rs = dbConn.getRs(sql) IF Rs.EOF = FALSE THEN value = Rs.GetRows() Else value = Null END IF Rs.Close SET Rs = Nothing %>