Solved

Quotes in a value passed in a SQL expression  VB .NET 2003 Application

Posted on 2006-10-25
6
175 Views
Last Modified: 2010-05-18
I have strings that have single quotes in the value.  When I use the value in my SQL expression, of course it does not like it.  Is there a way to get around this, other than changing the data in the table itself?
0
Comment
Question by:mphillip85
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 14

Expert Comment

by:jake072
ID: 17807095
Yes, for all your string fields, do a simple replace:

str = str.Replace("'", "''")

Then, when outputting from the db, do the opposite:

str = str.Replace("''", "'")

Jake
0
 

Author Comment

by:mphillip85
ID: 17824366
How do I pass a select command text with the single quote in the expression of the value like


"Select * FROM myTable WHERE myName = '" & "Cat's" & "';"

0
 
LVL 14

Expert Comment

by:jake072
ID: 17835279
you use 2 single quotes for any single quote IN YOUR STRING.

So:

"Select * FROM myTable WHERE myName = '" & "Cat''s" & "'"

I don't know why you have the ; there?

Jake
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:mphillip85
ID: 17839045
I put the ; in there because it wont error but will not pass the selec command either.  Plus the programming book says to put the ;

How will this work.

"Select * FROM myTable WHERE Cat's= " & "Cat"s" & "'"

So you say that Cat's is = Cat"s ? Literally?

That is what I am going to end up with.  Since I am not changing the data in the table iteslf.

I hope I am being clear.  I am leaning on actually using CONTAINS when I find a single quote for these somewhat rare records.

Mike



0
 
LVL 14

Accepted Solution

by:
jake072 earned 50 total points
ID: 17842233
Yes, to get it to pass in SQL, you need to replace single quotes with double quotes.  Obviously, when you retrieve the data, you will need to parse them out.

This is the way it is...  Is it not working for you or something?

I'm just confused what the problem is.

Jake
0
 
LVL 14

Expert Comment

by:jake072
ID: 17849413
Just wondering, but why the 'B'?

I have been trying to clear any issues here.  Was there something more you needed?

Jake
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A while ago, I was working on a Windows Forms application and I needed a special label control with reflection (glass) effect to show some titles in a stylish way. I've always enjoyed working with graphics, but it's never too clever to re-invent …
Creating an analog clock UserControl seems fairly straight forward.  It is, after all, essentially just a circle with several lines in it!  Two common approaches for rendering an analog clock typically involve either manually calculating points with…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question