Bottom Line Question: How do I eliminate this apostrophe problem? Should I run a string search and delete the apostrophe and replace it with Response.Write "´”?
I am trying to create an asp page that will display text that a user submits on a form, and then displays it on another page for customers to read prior to placing an order. I am designing this for a client, since they have limited knowledge of web design, they do not want to get into html coding.
The program takes what they write and puts it in to an Access database, and then another asp page calls it up prior to placing an order.
Everything works, "almost" except for when the client enters text with an apostrophe.
You can find the working site at (This allows the user to enter info, which will be password protected in the future):
Then it is displayed on (prior to a customer placing an order):
Everything works until an apostrophe is entered anywhere in the field.
Here is the code for this page:
<title>Place Order Update</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="text.css" rel="stylesheet" type="text/css">
Const adOpenKeySet = 1
Const adOpenOptimistic = 2
Dim objCmd, intNoOfRecords
set objCmd = Server.CreateObject("ADODB.Command")
Dim strTitle, strCDate, strCopy, strSQL
strCDate = Request.Form("currentdate")
strTitle = Request.Form("title")
strCopy = Request.Form("copy")
objCmd.ActiveConnection = strConnect
objCmd.CommandText = "DELETE FROM PreOrder WHERE ID LIKE '1' "
'Response.Write "This Update command has affected " & _
'intNoOfRecords & " records<br><br>"
strSQL = "INSERT INTO PreOrder (CDate, Title,Copy) VALUES " & _
"('" & strCDate & "','" & strTitle & "','" & strCopy &"');"
objCmd.CommandText = strSQL
Response.Write "This Record Update command has affected " & _
intNoOfRecords & " records<br><br>"
set objCmd = nothing