Solved

c# replace double quotes

Posted on 2008-10-18
9
5,388 Views
Last Modified: 2011-09-27
I searched hundreds of entries and tried tons of examples - I cannot find how to replace double quotes so my sql insert will run.
This runs for single quotes:
memberID = memberID.Replace("'","''");
so I need the same thing for double quotes.

Also, does a replace work on all the characters in the string or just once?
0
Comment
Question by:dcass
9 Comments
 
LVL 55

Accepted Solution

by:
Jaime Olivares earned 250 total points
ID: 22750737
To replace double quotes:

memberID = memberID.Replace("\"","other");

Replace method will replace all ocurrences
0
 

Author Comment

by:dcass
ID: 22750764
Will this show the double quotes back in the text like the single quote solution will?
0
 

Author Comment

by:dcass
ID: 22750774
What other characters will interfere with an insert?
How about ampersand?
0
 

Expert Comment

by:PedroBuhigas
ID: 22750781
I think what you're after is:
memberID = memberID.Replace("\"\"","other");
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 55

Expert Comment

by:Jaime Olivares
ID: 22750785
I think you just have to worry about the single quote, not double quote or other.
I use to replace the single quote with a tick (`):

memberID = memberID.Replace("'","`");
0
 
LVL 55

Expert Comment

by:Jaime Olivares
ID: 22750801
but if you want to avoid to use all these, better you use parameters instead.
have a look to:
http://www.codeproject.com/KB/database/SqlInjectionAttacks.aspx
read "Parameterised Queries" section.
0
 
LVL 6

Expert Comment

by:carlsiy
ID: 22751204
why not use....
memberID=@memberID
0
 
LVL 23

Assisted Solution

by:Tiggerito
Tiggerito earned 250 total points
ID: 22751502
I developed the following code to resolve encoding problems when directly using quoted text in mySql commands.
private static Regex _FromToRegex = new Regex(@"([\\\n\r\b\t'""\x1a\x00])",RegexOptions.Compiled);
 

private static string FromToMatchEvaluator(Match match)

{

	switch (match.Value)

	{

		case "\\":

			return "\\\\";

		case "\n":

			return "\\n";

		case "\r":

			return "\\r";

		case "\b":

			return "\\b";

		case "\t":

			return "\\t";

		case "\x1a":

			return "\\Z";

		case "\x00":

			return "\\0";

		case "'":

			return "\\'"; 

		case "\"":

			return "\\\"";

		default:

			return match.Value;

	}

}
 

public static string SqlEscapes(string s)

{

	return _FromToRegex.Replace(s,new MatchEvaluator(FromToMatchEvaluator));

}
 

public static string SqlString(String str)

{

	return "'"+SqlEscapes(str)+"'";

}

Open in new window

0
 

Expert Comment

by:rochefc
ID: 36709359
To replace Single Quotes, Double Quotes or Carriage Returns for use with Crystal Reports in C# try
 
fieldValue = fieldValue.Replace("\r\n", "' & chr(010) & '").Replace("'", "''").Replace("\"", "''''");

This allows the Crystal Report to Print with the desired result
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Summary: Persistence is the capability of an application to store the state of objects and recover it when necessary. This article compares the two common types of serialization in aspects of data access, readability, and runtime cost. A ready-to…
We all know that functional code is the leg that any good program stands on when it comes right down to it, however, if your program lacks a good user interface your product may not have the appeal needed to keep your customers happy. This issue can…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now