Solved

Quotes in a value passed in a SQL expression  VB .NET 2003 Application

Posted on 2006-10-25
6
176 Views
Last Modified: 2010-05-18
I have strings that have single quotes in the value.  When I use the value in my SQL expression, of course it does not like it.  Is there a way to get around this, other than changing the data in the table itself?
0
Comment
Question by:mphillip85
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 14

Expert Comment

by:jake072
ID: 17807095
Yes, for all your string fields, do a simple replace:

str = str.Replace("'", "''")

Then, when outputting from the db, do the opposite:

str = str.Replace("''", "'")

Jake
0
 

Author Comment

by:mphillip85
ID: 17824366
How do I pass a select command text with the single quote in the expression of the value like


"Select * FROM myTable WHERE myName = '" & "Cat's" & "';"

0
 
LVL 14

Expert Comment

by:jake072
ID: 17835279
you use 2 single quotes for any single quote IN YOUR STRING.

So:

"Select * FROM myTable WHERE myName = '" & "Cat''s" & "'"

I don't know why you have the ; there?

Jake
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 

Author Comment

by:mphillip85
ID: 17839045
I put the ; in there because it wont error but will not pass the selec command either.  Plus the programming book says to put the ;

How will this work.

"Select * FROM myTable WHERE Cat's= " & "Cat"s" & "'"

So you say that Cat's is = Cat"s ? Literally?

That is what I am going to end up with.  Since I am not changing the data in the table iteslf.

I hope I am being clear.  I am leaning on actually using CONTAINS when I find a single quote for these somewhat rare records.

Mike



0
 
LVL 14

Accepted Solution

by:
jake072 earned 50 total points
ID: 17842233
Yes, to get it to pass in SQL, you need to replace single quotes with double quotes.  Obviously, when you retrieve the data, you will need to parse them out.

This is the way it is...  Is it not working for you or something?

I'm just confused what the problem is.

Jake
0
 
LVL 14

Expert Comment

by:jake072
ID: 17849413
Just wondering, but why the 'B'?

I have been trying to clear any issues here.  Was there something more you needed?

Jake
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1.0 - Introduction Converting Visual Basic 6.0 (VB6) to Visual Basic 2008+ (VB.NET). If ever there was a subject full of murkiness and bad decisions, it is this one!   The first problem seems to be that people considering this task of converting…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question