String contains apostrophe and commas and generate sql error
Posted on 2009-05-01
I've created a sql string that I'm going to run a command with and the values came from fields on the screen. One of them could contain apostrophes and commas. I've taken care of the apostrophes with the .replace(" ' "." '' ") method but the commas are causing a problem when inserting.
textbox1.text = " 'This' , 'is' a 500 point question , that is up for grabs."
textbox2.text = "Who wants it?"
sqlstring = "insert into my table values(" ' " & textbox1.text & "," & textbox2.text "
the sql string will look like this:
insert into mytable values(''This' , ''is'' a 500 point question , that is up for grabs.
, "Who wants it?'" ")
The commas in 'This' , 'is' a 500 point question , that is up for grabs. is making it look like there is really four values to insert. How to escape the comma?