Forum Moderators: open
I have a page which lists details about a person and includes a brief statement about them. The statement sometimes contains a paragraph from the person themselves in quotes.
In an edit person page i display the full statement in a text box and then save it. But of course my SQL statement fails because of various ' / ` / " whatevers that are in the statement. I found the URLEncode and HTMLEncode methods on the excellent w3 site but i'm not sure how to use them. It saved OK but now when view the statement it displays the encoded version.
To put it brutally how do i decode it please? :-)
Thanks y'all
I use JScript for my ASP coding so mine looks like this:
insert into table (descript) values (String(Request("descrip")).replace(\'\g,"''");
which uses the regular expression method "replace" to swap out all single quotes for a pair of single quotes, which allows the character to pass into the SQL statement.
It's similar in VBScript. I think the command is
strSubstr (stmt,textToReplaceWith) but in VBscript you will have to loop through the value.
Also is it just me or has recent posts gone funny - i cannot for the life of me get it to display posts by date in reverse!
It is really frustrating as it keeps showing messages by count and sortdir=forward.
Sorry its off topic but i am really strugglin' here.
Also is it just me or has recent posts gone funny
I haven't noticed anything funny with the boards.
function Stringify( value )
Stringify = "'" & replace(value, "'", "''") & "'"
end function
"INSERT INTO table (name1, name2) VALUES (" & Stringify(var1) & ", " & Stringify(var2) & ");"
-Matt
that looks good too.
Also my posts are back in the right order this morning.
Cheers chaps
