Solved

how can I write a \ to a mysql field via vb.net

Posted on 2011-03-10
5
291 Views
Last Modified: 2012-06-22
I have a variable IniLoc which is populated from a datagridview, the result being "D:\FTPROOT\FRED"  Thats no problem.

Later on in my code I want to write this back to my database and I use         myCommand.Connection = conn
myCommand.CommandText = "INSERT INTO `incidentmon` (`Subject`, `IncidentDate`, `IncidentFolder`,`Status` ) VALUES ('" & Subject & "', '" & NewDate & "', '" & IniLoc & "\" & Subject & "', 'Processing');"

subject = Test for this example.

And sure enough it writes back to the database, however, the IniLoc field that is written back appears as
"D:FTPROOTFREDTest"

How can I get it to write back including the \'s in the right places?
0
Comment
Question by:CarlCCTVSI
  • 2
  • 2
5 Comments
 
LVL 17

Accepted Solution

by:
xDJR1875 earned 500 total points
ID: 35096270
try doubling the slash.  as in "\\"
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 35096352
or use parameters instead of building the SQL like this ad-hoc.
using parameters will also avoid sql injection. ...
0
 

Author Comment

by:CarlCCTVSI
ID: 35096460
Thanks folks,

I get the idea os using the \\'s that not a problem, however, the string comes from somewhere else and only contains single \'s.  Any ideas how I can turn my \'s in the string to \\'s in the string ?

(so it goes from D:\FTPROOT\FRED to D:\\FTPROOT\\FRED)
0
 

Author Comment

by:CarlCCTVSI
ID: 35096539
Thanks Again,

I've cracked it.  Simple case of useing another string and replacing the \ with a \\

string2 = string1.replace("\" , "\\")

Did the job.
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
ID: 35100347
though this is a simple method to solve the \ problem, you will run into sql injection sooner or later:
http://www.google.lu/search?q=sql+injection&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

for your own safety, better change to SqlCommand + SqlParameter programming:
http://www.csharp-station.com/Tutorials/AdoDotNet/Lesson06.aspx
presuming you work with SQL Server database, but the concept is the same for other database systems .
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

1.0 - Introduction Converting Visual Basic 6.0 (VB6) to Visual Basic 2008+ (VB.NET). If ever there was a subject full of murkiness and bad decisions, it is this one!   The first problem seems to be that people considering this task of converting…
Microsoft Reports are based on a report definition, which is an XML file that describes data and layout for the report, with a different extension. You can create a client-side report definition language (*.rdlc) file with Visual Studio, and build g…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now