Solved

Dynamic query and the embedded aprostophe ( ' )

Posted on 2008-06-19
12
256 Views
Last Modified: 2010-04-21
I am having problems with using variables that may have an embedded aprostophe.  Because single quotes (aprostophe) are wrappers for text strings in a query, my dynamic query finds one of those and assumes the end of a text string when there is more text to follow.  I am looking for a parameter driven way of replacing the single quotes.  I do not want to use a string function replacing " ' " with " ' ' "

Changing any sybase db parms is not viable.  

Example:
strsql = strsql + " MID_ID = ' " & txtMidID.Text & " ' "

If txtMidID.Text  = "AMERICA'S" then the dynamic query finds a false end to the text string and results in a query syntax error.   Please provide a complete example with the solution
0
Comment
Question by:garyinmiami2003
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 33

Expert Comment

by:jppinto
ID: 21821577
did you've tryed like this:

strsql = strsql + " MID_ID = " &" ' " & txtMidID.Text & " ' "

jppinto
0
 
LVL 70

Expert Comment

by:Éric Moreau
ID: 21821579
double them:
strsql = strsql + " MID_ID = ' " & txtMidID.Text.replace("'", "''") & " ' "
0
 
LVL 70

Accepted Solution

by:
Éric Moreau earned 350 total points
ID: 21821592
and you have some space characters that should not be there:

strsql = strsql + " MID_ID = '" & txtMidID.Text.replace("'", "''") & "' "

Open in new window

0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 

Author Comment

by:garyinmiami2003
ID: 21821723
emoreau:

IT DOES NOT SEEM TO LIKE REPLACING 1 CHARACTER WITH 2?   vs 2005 VB.NET
0
 

Author Comment

by:garyinmiami2003
ID: 21821763
EMOREAU:

sorry, I was wrong let me try again
0
 

Author Comment

by:garyinmiami2003
ID: 21821963
Emoreau:

This does not solve my problem.  It does the replace  but I can't change the value  
0
 
LVL 70

Expert Comment

by:Éric Moreau
ID: 21822163
>>It does the replace  but I can't change the value  

The quote is not replaced into the database, it is only an escape character for the time the query is sent to SQL.

The quote is the value delimiter. If your value contains a quote, SQL thinks that the value ends there. That's why you need to double it.
0
 
LVL 18

Expert Comment

by:philipjonathan
ID: 21822778
If you use VB.NET, can you use the SqlParameter equivalent for Sybase?
0
 

Author Comment

by:garyinmiami2003
ID: 21822819
philipjonathan
Possibly, Can you tell me a little more.  I will network this around on my end.
0
 
LVL 4

Assisted Solution

by:Thunder724
Thunder724 earned 50 total points
ID: 21825069
I had this probelm a few years ago and I solved it by using the CHR functions.  Example below:
You can use this in a stored proc or if writing dynamic SQL from the client just put quotes around everything.

SELECT
      PID,
      C.CODE + ' + CHAR(39) + ' - ' + CHAR(39) + ' C.RDESC AS [RejectCode]
FROM TABLE1
0
 
LVL 18

Assisted Solution

by:philipjonathan
philipjonathan earned 100 total points
ID: 21827789
I've only done this with MS SQL and MySQL, but there should be similar concept for sybase.

I'll give you an example in MySQL:
string cmdText = "SELECT * FROM table WHERE MID_ID = '" + txtMIDId.Text + "'";

Change this to:
string cmdText = "SELECT * FROM table WHERE MID_ID = ?mid_id";
MySqlCommand cmd = new MySqlCommand(cmdText, connection);
cmd.Parameters.Add("?mid_id", txtMIDId.Text);
cmd.ExecuteReader(); // or execute whatever ...

Check this out for articles on SqlParameter (for MS SQL):
http://www.codeproject.com/KB/database/NET_Data_Access.aspx
0
 

Author Closing Comment

by:garyinmiami2003
ID: 31468740
The parameterized query works,  I assume CHR function would work but did not try.  I used the replace.  I learned something from each of the experts who received the points and my thanks to all of you.  Tried to award on merits of your solution combined with my needs.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Import Data from Multiple Text Files in Excel 12 60
No Data for DropDown List 2 28
VB.NET 2008 Winforms Signing 13 31
How to repeat the data 4 17
This article explains how to create and use a custom WaterMark textbox class.  The custom WaterMark textbox class allows you to set the WaterMark Background Color and WaterMark text at design time.   IMAGE OF WATERMARKS STEPS Create VB …
Introduction As chip makers focus on adding processor cores over increasing clock speed, developers need to utilize the features of modern CPUs.  One of the ways we can do this is by implementing parallel algorithms in our software.   One recent…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question