Bloody SQL

Results 1 to 4 of 4

Thread: Bloody SQL

  1. #1
    Big Mama Brown Guest

    Default Bloody SQL

    I have created a form that sticks text from a textbox into a database using sql. The only problem is that if I stick a "&#039" in the text, the SQL statement mashes up and produces an error as it sees the "&#039" as the end of the text when actually it isn&#039t.<BR><BR>Is there any way I can get the "&#039" into the database without an error?

  2. #2
    E! Guest

    Default RE: Bloody SQL

    Replace the single quote with a double going in... Then replace the double with a single when you select it... Check this:<BR><BR> function DblQuote(fld)<BR> DblQuote = Replace(fld, "&#039", "&#039&#039") <BR> end function

  3. #3
    J Guest

    Default RE: Bloody SQL

    use the single quote twice &#039&#039<BR><BR>to catch this use the Replace function<BR><BR>Dim myVar<BR>myVar = Request.Form("TextBox")<BR><BR>myVar = Replace(myVar, "&#039", "&#039&#039")<BR><BR>This should work

  4. #4
    Ed Guest

    Default RE: Bloody SQL

    It&#039s hard to read the character that you&#039re referring to, but I assume that it&#039s a single apostrophe. Yep, it&#039s easy to stick it into the database. Just assign the request variable to a local variable and do a replace on it:<BR><BR>strWhatever = Request.Form("txtWhatever")<BR>strWhatever = Replace(strWhatever, "&#039", "&#039&#039")<BR><BR>What I&#039m doing here is replacing every apostrophe with two apostrophe characters. SQL reads two apostrophe characters not as a beginning or end quote, but as a single apostrophe to be inserted into the database.<BR><BR>Good Luck!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts