Inserting text into a memo field in Access with traditional ASP

Forum Moderators: open

Message Too Old, No Replies

Inserting text into a memo field in Access with traditional ASP

TheSeoGuy

4:08 pm on Nov 4, 2004 (gmt 0)

I would like to allow the users of the site I'm working on to be able to type in any text they wish.

This text will then be inserted into a memo filed in an access database.

How can I account for special characters such as:
single quotes (')
commas (,)
etc.. that would possibly cause the INSERT statement to crash?

Is there a function in ASP that will allow me to escape all these special characters?

Thanks

mcavill

4:16 pm on Nov 4, 2004 (gmt 0)

there may be a function in VB, but usually write myself a function such as:

sub formatString(strToBeFormatted)
dim tString
tString = replace(strToBeFormatted, "'", "*")
tString= replace(tString, "<", "<")
...etc
formatString = tString
end sub

then you can build you SQL string as:

sSQL = "Insert into tbl_Table(memo_field) value ('" & formatString(request("theField")) & "')"

then run it....

this hasn't been tested so it might need some tweaks

TheSeoGuy

4:34 pm on Nov 4, 2004 (gmt 0)

Hey mcavill,

Thanks for the advise...

I thought about writing something myself, but that would mean I would have to take into consideration all possible characters that may cause the statement to crash right?

This may not be that big of an issue, but I thought there may be a quick and easy way to accomplish the same thing.

Thanks again for your reply along with the code.
I appreciate it!

mcavill

4:58 pm on Nov 4, 2004 (gmt 0)

no probs - as far as I know the only thing that would cause a big problem with the SQL statement is the '. Commas etc should be OK, it just depends what you're going to do with the field, if you write it out again, maybe you don't want HTML tags inserted etc.