Syntax error (missing operator) when using single and double apostrophe(' and ") with the input data

Dear Experts, Getting Syntax error (missing operator) when inserting data with single and double apostrophe(' and ") .
if i use this way (""" & Me.Text_box & """) it will take single apostrophe but cannot resolve when double apostrophe came in.
Please help
Who is Participating?
Dale FyeConnect With a Mentor Commented:
I use a function when to format my text strings that are either SQL statements or criteria strings.  The function looks like:
Public Function Quotes(varTextToQuote As Variant) As String

   Quotes = Chr$(34) & Replace(Nz(varTextToQuote, ""), Chr$(34), Chr$(39)) & Chr$(34)
End Function

Open in new window

The function will wrap whatever value is passed to it with double quotes, and will replace instances of a " in the text string with double quotes (""), which will be interpreted as a single, embedded quote.  It is so much easier to read this than trying to wrap the text value in extra quotes or to use the chr$(34) in your code.

You use the function like:

DCount("*", "REVIEW_TYPE", "Review_Name = " & Quotes(Me.Text_RVTEdit) & " AND [Review_Type_Id] <>  CLng(" & Me.Combo_RVEdit & ")")

You really don't need to wrap the value from Me.Combo_RVEdit in single quotes, like you had, prior to using the clng() conversion function.
Chr(34) & Me.Text_box & Chr(34)
gtmathewDallasAuthor Commented:
I tried but showing run time error 2471 :(
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

gtmathewDallasAuthor Commented:
DCount("*", "REVIEW_TYPE", "Review_Name = Chr(34) & Me.Text_RVTEdit.value & Chr(34) and Review_Type_Id <>  CLng('" & Me.Combo_RVEdit & "')")
it looks like you need to escape the characters, which is done by a single quote so
('I'll be there in a second O'Connor') will be ('I''ll be there in a second O''Connor')
(Quote:"Show me the money") would be (Quote':'"Show me the money'")

this is not the safest/best way to escape characters but its a start...
DatabaseMX (Joe Anderson - Microsoft Access MVP)Database ArchitectCommented:
How about

Chr(34) & Replace(Replace(Replace(Me.Text_box, Chr(39),""),Chr(39) & Chr(39),""), Chr(34),"")   & Chr(34)
gtmathewDallasAuthor Commented:
Actually the user can be enter any type of key values (', ",&,$,% etc ) to the database, is there any way to allow this?
I was using the controls this way-  '" & Me.Text_Box & "' but its not working..

DCOUNT ("*", "REVIEW_TYPE", "Review_Name = "  & Chr(34) & Me.Text_RVTEdit.value & Chr(34)  & " and Review_Type_Id <>  CLng(" & Me.Combo_RVEdit & ")")
Jeffrey CoachmanMIS LiasonCommented:
<Getting Syntax error (missing operator) when inserting data with single and double apostrophe(' and ") .
Not sure how you are "Inserting", but this works fine for me:

CurrentDb.Execute "INSERT INTO YourTable (YourTextField) Values(" & "'" & Replace(Me.txtTextWithApostrophe, "'", "''") & "'" & ")", dbFailOnError
Jeffrey CoachmanMIS LiasonCommented:
There may be a way to "tighten up" the syntax in my above post, but again, it works fine for me...
Any of the above posts should work, but here's another approach using the Parameters collection.  This Access VBA is similar to what you would use in .Net:

Private Sub cmdGetCount_Click()
    Dim qd As New DAO.QueryDef
    On Error GoTo EH
    CurrentDb.QueryDefs.Delete ("qtemp")
    Set qd = CurrentDb.CreateQueryDef("qtemp", "SELECT COUNT(*) AS TotReviews FROM REVIEW_TYPE WHERE Review_Name = @ReviewName AND Review_Type_Id <> @ID ")
    With qd
        .Parameters("@ReviewName") = Me.Text_RVTEdit
        .Parameters("@ID") = Me.Combo_RVEdit
    End With
    MsgBox qd.OpenRecordset.Fields("TotReviews")
    Set qd = Nothing
    Exit Sub
    If Err.Number = 3265 Then Resume Next
    MsgBox "ERROR " & Err.Number & ": " & Err.Description
End Sub

Open in new window

With the parameters collection, you don't need to worry about escaping special characters (because you're not using text or date delimiters), and if you ever upsize to a SQL platform, this method avoids SQL Injection problems in your action queries.
Jeffrey CoachmanMIS LiasonCommented:
In Reviewing this post, I discovered I was looking at this from the wrong point of view
(SQL Insert)

So my syntax is valid, but not really specific for your situation (DCount)

gtmathewDallasAuthor Commented:
Thanks Fyed, Its really simple and a good solution, Thanks.

I want to thank you to all other experts who helped me in this issue...
Dale FyeCommented:
Glad to help.

I have another version of that function which allows you to identify the wrapper, so can choose a single quote (used with SQL Server pass through queries), double quote, or even # for wrapping numbers.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.