Welcome to WebmasterWorld Guest from 54.221.9.209

Forum Moderators: ocean10000

Message Too Old, No Replies

Inputting single code string data

     
4:30 pm on Aug 22, 2005 (gmt 0)

New User

10+ Year Member

joined:Apr 25, 2005
posts:9
votes: 0


Hi
I have a problem in inputing single code(') string into the SQL database. I wrote in ASP language and connect to the SQL server to insert the data.
If the data contains single code string (e.g women's group)the syntax error appears and it stops.
I tried to change the double code(")instead of single one to insert the data and then, it also has error "does not permit column name ...." or something like that.
How can i solve the problem to input the data that contains single code(')?
Any help appreciated. Thanks.
4:53 pm on Aug 22, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 12, 2002
posts:1482
votes: 0


Here's a past post that includes a function you can call (see the last post).

[webmasterworld.com...]

7:03 pm on Aug 22, 2005 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 24, 2005
posts:965
votes: 0


Simply replacing the quotes is a bad habit to get in to. You create a lot of security vulnerabilities by using ad-hoc SQL statements like that.

Use your favourite search engine and search for information on parameterized SQL queries in ASP.