Solved

Quotes in a value passed in a SQL expression  VB .NET 2003 Application

Posted on 2006-10-25
6
172 Views
Last Modified: 2010-05-18
I have strings that have single quotes in the value.  When I use the value in my SQL expression, of course it does not like it.  Is there a way to get around this, other than changing the data in the table itself?
0
Comment
Question by:mphillip85
  • 4
  • 2
6 Comments
 
LVL 14

Expert Comment

by:jake072
ID: 17807095
Yes, for all your string fields, do a simple replace:

str = str.Replace("'", "''")

Then, when outputting from the db, do the opposite:

str = str.Replace("''", "'")

Jake
0
 

Author Comment

by:mphillip85
ID: 17824366
How do I pass a select command text with the single quote in the expression of the value like


"Select * FROM myTable WHERE myName = '" & "Cat's" & "';"

0
 
LVL 14

Expert Comment

by:jake072
ID: 17835279
you use 2 single quotes for any single quote IN YOUR STRING.

So:

"Select * FROM myTable WHERE myName = '" & "Cat''s" & "'"

I don't know why you have the ; there?

Jake
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 

Author Comment

by:mphillip85
ID: 17839045
I put the ; in there because it wont error but will not pass the selec command either.  Plus the programming book says to put the ;

How will this work.

"Select * FROM myTable WHERE Cat's= " & "Cat"s" & "'"

So you say that Cat's is = Cat"s ? Literally?

That is what I am going to end up with.  Since I am not changing the data in the table iteslf.

I hope I am being clear.  I am leaning on actually using CONTAINS when I find a single quote for these somewhat rare records.

Mike



0
 
LVL 14

Accepted Solution

by:
jake072 earned 50 total points
ID: 17842233
Yes, to get it to pass in SQL, you need to replace single quotes with double quotes.  Obviously, when you retrieve the data, you will need to parse them out.

This is the way it is...  Is it not working for you or something?

I'm just confused what the problem is.

Jake
0
 
LVL 14

Expert Comment

by:jake072
ID: 17849413
Just wondering, but why the 'B'?

I have been trying to clear any issues here.  Was there something more you needed?

Jake
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Creating an analog clock UserControl seems fairly straight forward.  It is, after all, essentially just a circle with several lines in it!  Two common approaches for rendering an analog clock typically involve either manually calculating points with…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question