Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 340
  • Last Modified:

how can I write a \ to a mysql field via vb.net

I have a variable IniLoc which is populated from a datagridview, the result being "D:\FTPROOT\FRED"  Thats no problem.

Later on in my code I want to write this back to my database and I use         myCommand.Connection = conn
myCommand.CommandText = "INSERT INTO `incidentmon` (`Subject`, `IncidentDate`, `IncidentFolder`,`Status` ) VALUES ('" & Subject & "', '" & NewDate & "', '" & IniLoc & "\" & Subject & "', 'Processing');"

subject = Test for this example.

And sure enough it writes back to the database, however, the IniLoc field that is written back appears as
"D:FTPROOTFREDTest"

How can I get it to write back including the \'s in the right places?
0
CarlCCTVSI
Asked:
CarlCCTVSI
  • 2
  • 2
1 Solution
 
Daniel ReynoldsSoftware Applications Developer / IntegratorCommented:
try doubling the slash.  as in "\\"
0
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
or use parameters instead of building the SQL like this ad-hoc.
using parameters will also avoid sql injection. ...
0
 
CarlCCTVSIAuthor Commented:
Thanks folks,

I get the idea os using the \\'s that not a problem, however, the string comes from somewhere else and only contains single \'s.  Any ideas how I can turn my \'s in the string to \\'s in the string ?

(so it goes from D:\FTPROOT\FRED to D:\\FTPROOT\\FRED)
0
 
CarlCCTVSIAuthor Commented:
Thanks Again,

I've cracked it.  Simple case of useing another string and replacing the \ with a \\

string2 = string1.replace("\" , "\\")

Did the job.
0
 
Guy Hengel [angelIII / a3]Billing EngineerCommented:
though this is a simple method to solve the \ problem, you will run into sql injection sooner or later:
http://www.google.lu/search?q=sql+injection&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

for your own safety, better change to SqlCommand + SqlParameter programming:
http://www.csharp-station.com/Tutorials/AdoDotNet/Lesson06.aspx
presuming you work with SQL Server database, but the concept is the same for other database systems .
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now