Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 729
  • Last Modified:

Using ASP code to Insert single quote into Oracle

Hi,
I am created  apply information web application form.  I would like to save user input information with single quote into oracle databace.
 I try used function Replace(SQL,"'","''")
for my code example:  
 sql="insert into Person "
 sql= sql & "( lastname, firstname ) " 
 sql= sql & "values ('"
 sql= sql & request.form(replace("lastname","'","''")) & "', '"
 sql= sql & request.form(replace("firstname","'","''")) & "') "
 set objrec = objconn.execute(sql)

But the replace funtion doesn't work in oracle database.  Please help!  How can I use  ASP code to  insert single quote into oracle databace? Thanks.
0
LiLib
Asked:
LiLib
1 Solution
 
DexstarCommented:
LiLib:

>  I try used function Replace(SQL,"'","''")
> for my code example:  
>  sql="insert into Person "
>  sql= sql & "( lastname, firstname, ) " 
>  sql= sql & "values ('"
>  sql= sql & request.form(replace("lastname","'","''")) & "', '"
>  sql= sql & request.form(replace("firstname","'","''")) & "') "
>  set objrec = objconn.execute(sql)

Try this:

Create a function to do the modification for you, like this:

     Function FixSQL( strSQL )
          FixSQL = "'" & Replace(strSQL, "'", "''") & "'"
     End Function

Then use it like this:
     sql="insert into Person "
     sql= sql & "( lastname, firstname, ) " 
     sql= sql & "values ("
     sql= sql & FixSQL(request.form("lastname")) & ", "
     sql= sql & FixSQL(request.form("firstname")) & ") "


Hope That Helps,
Dex*
0
 
LiLibAuthor Commented:
Hi Dex,

Thank you very much.  I will try it.

thanks,
Lili
0
 
DexstarCommented:
LiLib:

> Thank you very much.  I will try it.

If it works for you, please accept my answer.  If it doesn't work for you, post a message saying what's wrong, and we'll work together to fix it.  :)

Dex*
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
jammygCommented:
The replace function is working fine, but you are using it in wrong way. You can't replace the Form control with this function.
( as used in your code:   request.form(replace("lastname","'","''")))

To replace the value in request object, Try the following:
replace(request.form("lastname"),"'","''").

Let me know if it works.

thanks
0
 
LiLibAuthor Commented:
Hello Dex* and Jammyg,
Both your functions work perfectly in my project.  Thank both of you for nice help.
LiLib  
0
 
vnvkCommented:
This Question is now classified abandoned as no comment has been added to this question in more than 21 days.

I will leave the following recommendation on this question to the moderators in the Cleanup topic area:
    Accept: Dexstar {http:#9750488}

Any objections should be posted here in the next 4 days. After that time, the question will be closed at the discretion of the moderator.

vnvk
EE Cleanup Volunteer
0
 
DexstarCommented:
Works for me...

-D*
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now