Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 198
  • Last Modified:

' interrupts string input

In a web application (uses ASP), users are asked to answer a question through a multiple-line input box. When using the ' char, as in "I'm", the input following to that gets ignored when storing the data in the database. I know the cause - but how can I prevent it from occuring?
0
ribbegrd
Asked:
ribbegrd
  • 2
1 Solution
 
connexCommented:
Just put the String you send to the SQL-Server in "<string>"
This should solve that.

0
 
ribbegrdAuthor Commented:
How exactly should this be done? My app reads stuff off a form, and then directly inserts it. Where should the <string> tag be?
0
 
connexCommented:
depends on how you construct the statement. Maybe email me some
sample code and I can send you back a version that does is.
My Email is us@datapec.datagroup.de

0
 
sybeCommented:
using the Replace function replace the ' with 2x '

REPLACE(Request.Form("field_whatever"), "'", "''")

But you can also URLEncode the string and URLDecode it back when you get the data from the database.

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now