• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 615
  • Last Modified:

VB.NET - Insert Query issue with textbox and apostrophe

Hello experts,  

Not sure how to go about this, but I created a windows application that has a richtextbox.  Behind code will insert whatever that is typed in this richtextbox to a SQL Server 2005 database table.  It works fine, but when a comma is use, it gives me an error.

Example:

John's car was stolen.

Above example thinks that the apostrophe is the closing.  So if I look from code behind, my syntax query would look like the following:

Insert into Table1(ID, Description)
Values(1, 'John's car was stolen')

0
holemania
Asked:
holemania
  • 2
2 Solutions
 
cyberkiwiCommented:
double up the single-quotes


Insert into Table1(ID, Description)
Values(1, 'John''s car was stolen')
0
 
cyberkiwiCommented:
Or if you are building the string, then use replace as shown below.
(But you really should be using parameterized queries..)
Dim query as String = "Insert into Table1(ID, Description) Values(1, '" & strDescription.Replace("'","''") & "')"

Open in new window

0
 
DhaestCommented:
I would suggest to use parameters with your insert-command

http://www.java2s.com/Code/VB/Database-ADO.net/UseParametersinyoursqlcommand.htm
0
 
holemaniaAuthor Commented:
Thanks.
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now