Solved

Using ASP code to Insert single quote into Oracle

Posted on 2003-11-14
8
691 Views
Last Modified: 2008-01-16
Hi,
I am created  apply information web application form.  I would like to save user input information with single quote into oracle databace.
 I try used function Replace(SQL,"'","''")
for my code example:  
 sql="insert into Person "
 sql= sql & "( lastname, firstname ) " 
 sql= sql & "values ('"
 sql= sql & request.form(replace("lastname","'","''")) & "', '"
 sql= sql & request.form(replace("firstname","'","''")) & "') "
 set objrec = objconn.execute(sql)

But the replace funtion doesn't work in oracle database.  Please help!  How can I use  ASP code to  insert single quote into oracle databace? Thanks.
0
Comment
Question by:LiLib
8 Comments
 
LVL 19

Accepted Solution

by:
Dexstar earned 50 total points
ID: 9750488
LiLib:

>  I try used function Replace(SQL,"'","''")
> for my code example:  
>  sql="insert into Person "
>  sql= sql & "( lastname, firstname, ) " 
>  sql= sql & "values ('"
>  sql= sql & request.form(replace("lastname","'","''")) & "', '"
>  sql= sql & request.form(replace("firstname","'","''")) & "') "
>  set objrec = objconn.execute(sql)

Try this:

Create a function to do the modification for you, like this:

     Function FixSQL( strSQL )
          FixSQL = "'" & Replace(strSQL, "'", "''") & "'"
     End Function

Then use it like this:
     sql="insert into Person "
     sql= sql & "( lastname, firstname, ) " 
     sql= sql & "values ("
     sql= sql & FixSQL(request.form("lastname")) & ", "
     sql= sql & FixSQL(request.form("firstname")) & ") "


Hope That Helps,
Dex*
0
 

Author Comment

by:LiLib
ID: 9750555
Hi Dex,

Thank you very much.  I will try it.

thanks,
Lili
0
 
LVL 19

Expert Comment

by:Dexstar
ID: 9750583
LiLib:

> Thank you very much.  I will try it.

If it works for you, please accept my answer.  If it doesn't work for you, post a message saying what's wrong, and we'll work together to fix it.  :)

Dex*
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Expert Comment

by:jammyg
ID: 9751467
The replace function is working fine, but you are using it in wrong way. You can't replace the Form control with this function.
( as used in your code:   request.form(replace("lastname","'","''")))

To replace the value in request object, Try the following:
replace(request.form("lastname"),"'","''").

Let me know if it works.

thanks
0
 

Author Comment

by:LiLib
ID: 9760365
Hello Dex* and Jammyg,
Both your functions work perfectly in my project.  Thank both of you for nice help.
LiLib  
0
 
LVL 7

Expert Comment

by:vnvk
ID: 12154831
This Question is now classified abandoned as no comment has been added to this question in more than 21 days.

I will leave the following recommendation on this question to the moderators in the Cleanup topic area:
    Accept: Dexstar {http:#9750488}

Any objections should be posted here in the next 4 days. After that time, the question will be closed at the discretion of the moderator.

vnvk
EE Cleanup Volunteer
0
 
LVL 19

Expert Comment

by:Dexstar
ID: 12176100
Works for me...

-D*
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now