Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP 3 Classic ASP Active Server Pages 3.0 > Classic ASP Basics
Password Reminder
Register
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old June 26th, 2003, 09:12 PM
Authorized User
 
Join Date: Jun 2003
Location: Melbourne, Victoria, Australia.
Posts: 90
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to tdaustin Send a message via Yahoo to tdaustin
Default How to stop ' stuffing up you code

Hi All,

I have a re occuring problem, usually with SQL statements when either HTML or ' are entered in form fields for updating or adding records to access databases. It breaks up the SQL statement written and causes the SQL to fail. I though i solved this problem by using objRS.AddNew & objRS.Update statements, but still seems to exist on some occasions. I believe this would be a common function and was wondering what solutions you guys use to over come this.

Regards

TDA

TDA
__________________
TDA
Reply With Quote
  #2 (permalink)  
Old June 26th, 2003, 09:28 PM
Friend of Wrox
Points: 2,376, Level: 20
Points: 2,376, Level: 20 Points: 2,376, Level: 20 Points: 2,376, Level: 20
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: , , Australia.
Posts: 596
Thanks: 1
Thanked 3 Times in 3 Posts
Default

Basically Tim you need to replace all single quotes(') with two single quotes('').Not double quotes but two singles
strField = replace(strField,"'","''")
This is also important for security so you need to do it with every text field input in your DB from ASP forms.
I also do a replace on "--" with "" to help stop people messing with your db.
I do this in one function

function safeTextField(strIn)
 safeTextField = replace(replace(strIn,"'","''"),"--","")
end function

See Ken Schaefers' web site www.openstatic.com.au for some info into this kind security.
Reply With Quote
  #3 (permalink)  
Old June 26th, 2003, 09:30 PM
Friend of Wrox
Points: 2,376, Level: 20
Points: 2,376, Level: 20 Points: 2,376, Level: 20 Points: 2,376, Level: 20
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: , , Australia.
Posts: 596
Thanks: 1
Thanked 3 Times in 3 Posts
Default

Wrong Address for Kens' site
Its is
http://www.adopenstatic.com
The specific article is at
http://www.adopenstatic.com/resource...Validation.asp
Reply With Quote
  #4 (permalink)  
Old June 26th, 2003, 09:52 PM
Authorized User
 
Join Date: Jun 2003
Location: Melbourne, Victoria, Australia.
Posts: 90
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to tdaustin Send a message via Yahoo to tdaustin
Default

Thanks for your advice Rod

Its definately an issue i need to fix in my apps

Tim :)



TDA
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Stop button won't stop loop JDShaffer Visual Basic 2008 Essentials 3 May 23rd, 2008 03:22 PM
tab stop angelboy C# 2005 1 June 19th, 2007 04:33 AM
Stop watch rohit_ghosh Access VBA 2 May 3rd, 2007 04:14 AM
How to stop user from view js code but still work bekim Javascript How-To 4 January 7th, 2005 09:08 PM
Stop E-mail SannOo Forum and Wrox.com Feedback 7 June 15th, 2004 05:06 PM



All times are GMT -4. The time now is 07:04 AM.


Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.