Solved

SQL update statement issue

Posted on 2013-01-08
10
305 Views
Last Modified: 2013-01-08
This is probably something completely simple for most of you.. but i am having a mild issue and Google isn't helping me.

basically i'm using some VBA to update a SQL Express table.

strSQL1 = " UPDATE dbo.TblTapeWIP SET BOAT_KIND ='" & strBoat & "' WHERE ITEM_NUM = '" & strItemNum & "' "

Open in new window


Most of the time this works perfectly .. but on occasion a user enters a "BOAT_KIND" (stored as a variable "strBoat") with a ' in it ( exmaple: TRIMARAN 105' NIGEL ).

Having that extra ' in it is breaking the update statement.

There has to be a way to rearrange
BOAT_KIND ='" & strBoat & "'

Open in new window

so that the extra ' does not freak everything out.
0
Comment
Question by:DMS-X
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 61

Expert Comment

by:mbizup
ID: 38755722
Try this:

strSQL1 = " UPDATE dbo.TblTapeWIP SET BOAT_KIND ='" & strBoat & "' WHERE ITEM_NUM = " & chr(34)  & strItemNum & chr(34)

Open in new window

0
 
LVL 61

Expert Comment

by:mbizup
ID: 38755727
Sorry - I corrected the wrong field:

strSQL1 = " UPDATE dbo.TblTapeWIP SET BOAT_KIND =" & chr(34) &  strBoat & chr(34) &  " WHERE ITEM_NUM = " & chr(34)  & strItemNum & chr(34)

Open in new window

0
 
LVL 65

Expert Comment

by:Jim Horn
ID: 38755728
To get rid of any quote mark in a string using Access VBA, use Replace.
Copy-paste the below line into your Immediate window and it will return abcdef

? Replace("abc'def", "'", "")

So just take the above and motify Miriam's SQL above where you have strBoat, and it'll work.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 120

Expert Comment

by:Rey Obrero (Capricorn1)
ID: 38755732
try

strSQL1 = " UPDATE dbo.TblTapeWIP SET BOAT_KIND =" & chr(34) & strBoat & chr(34) & " WHERE ITEM_NUM = '" & strItemNum & "' "
0
 
LVL 65

Expert Comment

by:Jim Horn
ID: 38755734
Disregard my above comment.  You probably need to insert the ', and Miriam's second SQL statement will work.
0
 
LVL 61

Accepted Solution

by:
mbizup earned 500 total points
ID: 38755746
You also might want to look into using parameters.  These can handle ', ", etc, etc, etc... and they are a method of avoiding SQL injection problems.  Check out my post here for an example using Access VBA:
http://www.experts-exchange.com/Microsoft/Development/MS_Access/Q_27983017.html#a38739644
0
 
LVL 1

Author Comment

by:DMS-X
ID: 38755810
There are a large Range of Names that the clients are using.. when i alter the code per Miriam's suggestion i get an error on this boat name now "C+C 115".

error No: -2147217900
Invalid column name 'C+C 115'.
0
 
LVL 61

Expert Comment

by:mbizup
ID: 38755831
Give this a try:


    Dim qd As New DAO.QueryDef
    On Error GoTo EH
    CurrentDb.QueryDefs.Delete ("qtemp")
    Set qd = CurrentDb.CreateQueryDef("qtemp", "UPDATE dbo.TblTapeWIP SET BOAT_KIND = @BoatKind WHERE ITEM_NUM = @ItemNum")
    With qd
        .Parameters("@BoatKind") = strBoat 
        .Parameters("@ID") = strItemNum
    End With
    qd.Execute
    Set qd = Nothing
    Exit Sub
EH:
    If Err.Number = 3265 Then Resume Next
    MsgBox "ERROR " & Err.Number & ": " & Err.Description
   

Open in new window

0
 
LVL 61

Expert Comment

by:mbizup
ID: 38755835
Or this:

    Dim qd As New DAO.QueryDef
    Set qd = CurrentDb.CreateQueryDef(, "UPDATE dbo.TblTapeWIP SET BOAT_KIND = @BoatKind WHERE ITEM_NUM = @ItemNum")
    With qd
        .Parameters("@BoatKind") = strBoat 
        .Parameters("@ItemNum") = strItemNum
    End With
    qd.Execute
    Set qd = Nothing

Open in new window

0
 
LVL 1

Author Closing Comment

by:DMS-X
ID: 38755958
With out rewriting my complete function i was able to find a solution using the link provided..

basically i'm just formatting the Boat_kind field using the following...

strBoat = Replace(Nz(rs.BOAT_KIND), Chr$(39), Chr$(32))

so i just replace it with a space.. maybe not the best way but this issue has already taken enough of my time.. cost to benefit you know..

Thanks for the solutions.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Describes a method of obtaining an object variable to an already running instance of Microsoft Access so that it can be controlled via automation.
What’s inside an Access Desktop Database. Will look at the basic interface, Navigation Pane (Database Container), Tables, Queries, Forms, Report, Macro’s, and VBA code.
With Microsoft Access, learn how to specify relationships between tables and set various options on the relationship. Add the tables: Create the relationship: Decide if you’re going to set referential integrity: Decide if you want cascade upda…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now