Solved

Using ASP code to Insert single quote into Oracle

Posted on 2003-11-14
8
707 Views
Last Modified: 2008-01-16
Hi,
I am created  apply information web application form.  I would like to save user input information with single quote into oracle databace.
 I try used function Replace(SQL,"'","''")
for my code example:  
 sql="insert into Person "
 sql= sql & "( lastname, firstname ) " 
 sql= sql & "values ('"
 sql= sql & request.form(replace("lastname","'","''")) & "', '"
 sql= sql & request.form(replace("firstname","'","''")) & "') "
 set objrec = objconn.execute(sql)

But the replace funtion doesn't work in oracle database.  Please help!  How can I use  ASP code to  insert single quote into oracle databace? Thanks.
0
Comment
Question by:LiLib
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 19

Accepted Solution

by:
Dexstar earned 50 total points
ID: 9750488
LiLib:

>  I try used function Replace(SQL,"'","''")
> for my code example:  
>  sql="insert into Person "
>  sql= sql & "( lastname, firstname, ) " 
>  sql= sql & "values ('"
>  sql= sql & request.form(replace("lastname","'","''")) & "', '"
>  sql= sql & request.form(replace("firstname","'","''")) & "') "
>  set objrec = objconn.execute(sql)

Try this:

Create a function to do the modification for you, like this:

     Function FixSQL( strSQL )
          FixSQL = "'" & Replace(strSQL, "'", "''") & "'"
     End Function

Then use it like this:
     sql="insert into Person "
     sql= sql & "( lastname, firstname, ) " 
     sql= sql & "values ("
     sql= sql & FixSQL(request.form("lastname")) & ", "
     sql= sql & FixSQL(request.form("firstname")) & ") "


Hope That Helps,
Dex*
0
 

Author Comment

by:LiLib
ID: 9750555
Hi Dex,

Thank you very much.  I will try it.

thanks,
Lili
0
 
LVL 19

Expert Comment

by:Dexstar
ID: 9750583
LiLib:

> Thank you very much.  I will try it.

If it works for you, please accept my answer.  If it doesn't work for you, post a message saying what's wrong, and we'll work together to fix it.  :)

Dex*
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:jammyg
ID: 9751467
The replace function is working fine, but you are using it in wrong way. You can't replace the Form control with this function.
( as used in your code:   request.form(replace("lastname","'","''")))

To replace the value in request object, Try the following:
replace(request.form("lastname"),"'","''").

Let me know if it works.

thanks
0
 

Author Comment

by:LiLib
ID: 9760365
Hello Dex* and Jammyg,
Both your functions work perfectly in my project.  Thank both of you for nice help.
LiLib  
0
 
LVL 7

Expert Comment

by:vnvk
ID: 12154831
This Question is now classified abandoned as no comment has been added to this question in more than 21 days.

I will leave the following recommendation on this question to the moderators in the Cleanup topic area:
    Accept: Dexstar {http:#9750488}

Any objections should be posted here in the next 4 days. After that time, the question will be closed at the discretion of the moderator.

vnvk
EE Cleanup Volunteer
0
 
LVL 19

Expert Comment

by:Dexstar
ID: 12176100
Works for me...

-D*
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question