Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning ASP 3.0 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old April 16th, 2004, 12:39 AM
Authorized User
 
Join Date: Feb 2004
Location: , , .
Posts: 57
Thanks: 0
Thanked 0 Times in 0 Posts
Default problem caused by single quote

Hi,

I have a textarea (adtext) in my form in which customer can write message. Then I insert that value in my msde database.

The problem I am having is if someone put "'" in their message my insert statments blows up, and I get error.


Suppose If the value of adtext is "Write a good 'description about yourself"

My error will be

Error Type:
Microsoft OLE DB Provider for SQL Server (0x80040E14)
Line 1: Incorrect syntax near 'description'.


**************
here is my code


adtext = Request.form("adtext")

str= "INSERT INTO customer_ad(Location, Spec_Location, Adtext,ad_number, passwordhint)VALUES('" & location & "','" & speclocation & "', '" & Adtext & "'," & AdNumber & ",'" & passwordhint & "' )"
*************

I understand "'" mess up the sequences of my single quotes that I have in my insert statemnt , but i do not know how to overcome this problem

Thanks


  #2 (permalink)  
Old April 16th, 2004, 02:52 AM
Friend of Wrox
 
Join Date: Jun 2003
Location: , , United Kingdom.
Posts: 1,212
Thanks: 0
Thanked 1 Time in 1 Post
Default

Code:
adtext = Replace(Request.Form("adtext"), "'", "''")
will solve your problem
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
single quote problem harpua PHP Databases 1 July 8th, 2005 07:37 AM
How to add parameter val containing single quote prog ADO.NET 3 May 24th, 2005 09:24 AM
Undo/delete ' (single quote) in a textbox iniro VB.NET 2002/2003 Basics 1 April 6th, 2005 04:41 PM
replace single Quote qadeerahmad General .NET 3 September 6th, 2004 08:10 PM



All times are GMT -4. The time now is 12:18 PM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.