Inserting values containing quotes into SQL

Results 1 to 3 of 3

Thread: Inserting values containing quotes into SQL

  1. #1
    Join Date
    Dec 1969
    Posts
    177

    Default Inserting values containing quotes into SQL

    I am having trouble inserting a value from a text box into the database as the value in the text box contains a single quote. <BR>The code I am using at the moment looks like this...<BR><BR>TmpName = request.form("txtName")<BR>SqlStr = "INSERT Test(TestName) VALUES(&#039" & TmpName & "&#039)"<BR>TmpConn.Execute SqlStr<BR><BR>Is there any way that one can get around this problem?

  2. #2
    John T. White Guest

    Default RE: Inserting values containing quotes into SQL

    That all depends on what the purpose is for. If the whole purpose is to show the data only on a website or some sort, you can use this code.<BR><BR>Your Code:<BR><BR>TmpName = request.form("txtName")<BR>SqlStr = "INSERT Test(TestName) VALUES(&#039" & TmpName & "&#039)"<BR>TmpConn.Execute SqlStr<BR><BR>The New Code:<BR><BR>TmpName = Replace(request.form("txtName"), "&#039", "&rsquo;")<BR>SqlStr = "INSERT Test (TestName) VALUES(&#039" & TmpName & "&#039)"<BR>TmpConn.Execute SqlStr<BR><BR>I am sure you can figure out what that does, but just in case.<BR><BR>The Replace commands takes the first value, searchs for the second value, and replaces it with the third value. So when you replace the single quote with the HTML eqvilent, it no longer causes any problems with the SQL Statement. Let me know if this helps.

  3. #3
    Nathan Pond Guest

    Default RE: Inserting values containing quotes into SQL

    SqlStr = "INSERT Test(TestName) VALUES(&#039" & Replace(TmpName, "&#039", "&#039&#039") & "&#039)"<BR><BR><BR>Nathan Pond<BR><BR>essentially what you are doing ins replacing each single quote with 2 single quotes. SQL will interpret this as a single quote in the string.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •