Wrox Home  
Search P2P Archive for: Go
Shopping CartView Cart  |  My Account  |  Support
Home Browse Titles

P2P Archives
 

Archive Index
Back to Active P2P Forum

 


Wrox Chapters on Demand - Download the chapters you need and take them on the go!
Wrox First - Instant Access online to new Wrox books

New Titles for ASP.NET

Cover image for product 0470391847
Jumping from ASP to ASP.NET
Cover image for product 0470286652
ASP.NET AJAX Control Development with Visual Studio 2008 and .NET 3.5 Framework
Wrox Blox
  Return to Index  

asp_databases thread: Escaping parenthesis in sql statements...

Message #1 by "Jon S. Jaques" <jjaques@g...> on Tue, 17 Oct 2000 14:43:37 -0400
Hello,



I'm submitting data to a database with forms, and I've figured out how to

escape both quotes (' and ") but I can't find any way to escape

parenthesis...



I know that I can use escape() and unescape() when storing and reading that

field, but that adds a lot of overhead to the script that reads the

database, and that portion of the script will get a lot of traffic.



What can I do??? I thought to use HTML entities, but there isn't entities

defined for parens.



Any ideas would be greatly appreciated!!!



--Jon
Message #2 by Imar Spaanjaars <Imar@S...> on Tue, 17 Oct 2000 20:52:07 +0200
Hi there,



Why do you need to escape the ( and ) ?? If you're able to escape your 

apostrophes, anything between the opening ' and the closing ' will just be 

inserted in the database, or used in a select statement, or whatever. As 

far as I can see, the apostrophe is the only problematic character.



Imar







At 02:43 PM 10/17/2000 -0400, you wrote:

>Hello,

>

>I'm submitting data to a database with forms, and I've figured out how to

>escape both quotes (' and ") but I can't find any way to escape

>parenthesis...

>

>I know that I can use escape() and unescape() when storing and reading that

>field, but that adds a lot of overhead to the script that reads the

>database, and that portion of the script will get a lot of traffic.

>

>What can I do??? I thought to use HTML entities, but there isn't entities

>defined for parens.

>

>Any ideas would be greatly appreciated!!!

>

>--Jon

>

>
Message #3 by Andy Johnson <lysaer@d...> on Tue, 17 Oct 2000 13:54:49 -0500
Are the parenthesis in the form values that you're submitting, or the field names?  If

they're in the form values, try using a replace statement like you would with quotes and

apostrophes, although that may be what you're asking! :)



strFieldName=request.form("fieldname")

replace(request.form("fieldname"), ")", "')")



Or whatever.  I'm not sure what exactly the replacing characters would be.



Hope that helps a little!



"Jon S. Jaques" wrote:



> Hello,

>

> I'm submitting data to a database with forms, and I've figured out how to

> escape both quotes (' and ") but I can't find any way to escape

> parenthesis...

>

> I know that I can use escape() and unescape() when storing and reading that

> field, but that adds a lot of overhead to the script that reads the

> database, and that portion of the script will get a lot of traffic.

>

> What can I do??? I thought to use HTML entities, but there isn't entities

> defined for parens.

>

> Any ideas would be greatly appreciated!!!

>

> --Jon

>

  Return to Index  
About Wrox  |  Contact Us  |  Subscribe to an RSS Feed of New Wrox Titles
Copyright © 2000-2004 by John Wiley & Sons, Inc. or related companies. All rights reserved. Please read our Privacy Policy