?
Solved

SQL Server/Classic ASP Escape Characters

Posted on 2014-11-25
4
Medium Priority
?
365 Views
Last Modified: 2014-11-25
So I want to grab data from my remote server and bring it to my local server using a web page.  Here is the codd:
        Set rs = New ADODB.Recordset
        sql = "SELECT FirstName, LastName, City, St, Phone, Email, DOB, Gender, Country, FBook, Twitter, Uploaded "
        sql = sql & "FROM Participant WHERE ParticipantID = " & PartsToAdd(i)
        rs.Open sql, srvr_conn, 1, 2
        For j = 0 To 10
            PartArr(j) = rs(j).Value
        Next j
        rs(11).Value = "y"
        rs.Update
        rs.Close
        Set rs = Nothing
                
        'check to see if this participant exists
        lParticipantID = 0
        Set rs = New ADODB.Recordset
        sql = "SELECT ParticipantID FROM Participant WHERE FirstName = '" & PartArr(0) & "' AND LastName = '" & PartArr(1)
        sql = sql & "' AND Email = '" & PartArr(5) & "' AND Gender = '" & PartArr(7) & "'"
        rs.Open sql, conn, 1, 2
        If rs.RecordCount > 0 Then lParticipantID = rs(0).Value
        rs.Close
        Set rs = Nothing

Open in new window


The problem is that If I get an error when I try to check for a match in the local data (conn) if there is an O'Brien in the remote data.  If know how to use Replace(rs(1).Value, " ' ' ", " ' ") but I keep getting the error.  Any suggestions?
0
Comment
Question by:Bob Schneider
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 1400 total points
ID: 40465799
I would just replace with an entity

You can use chr(39) for the replace
replace(myval,"'",chr(39))

http://dev.w3.org/html5/html-author/charref
http://www.w3schools.com/html/html_entities.asp
http://www.ascii.cl/htmlcodes.htm
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 600 total points
ID: 40465843
It could help to see what error you're getting.

You should also debug it.  Output the sql string and see what you're getting - find the line that is experiencing the error and RIGHT BEFORE IT, use RESPONSE.WRITE to display the SQL statement you expect to execute.

OF course, I don't see you're "replace" code that you say you know to use anywhere in your code above.  

Finally, if you didn't, in fact, just make a typo in your explanation, the PROPER syntax of Replace is
Replace(string, "findThis", "replaceWithThis")

The example you use above would find '' and replace it with ' and what you need to find is ' and replace it with '' -- the exact opposite.
0
 
LVL 53

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 1400 total points
ID: 40465849
I think I meant

replace(myval,"'","'")

http://jsbin.com/yebeworuso/1/edit
0
 

Author Comment

by:Bob Schneider
ID: 40465878
This worked:
        'get remote part data based on part id
        Set rs = New ADODB.Recordset
        sql = "SELECT FirstName, LastName, City, St, Phone, Email, DOB, Gender, Country, FBook, Twitter, Uploaded "
        sql = sql & "FROM Participant WHERE ParticipantID = " & PartsToAdd(i)
        rs.Open sql, srvr_conn, 1, 2
        For j = 0 To 10
            PartArr(j) = rs(j).Value
        Next j
        rs(11).Value = "y"
        rs.Update
        rs.Close
        Set rs = Nothing
                
        'check to see if this participant exists
        lParticipantID = 0
        Set rs = New ADODB.Recordset
        sql = "SELECT ParticipantID FROM Participant WHERE FirstName = '" & Replace(PartArr(0), Chr(39), Chr(34))
        sql = sql & "' AND LastName = '" & Replace(PartArr(1), Chr(39), Chr(34))
        sql = sql & "' AND Email = '" & PartArr(5) & "' AND Gender = '" & PartArr(7) & "'"
        rs.Open sql, conn, 1, 2
        If rs.RecordCount > 0 Then lParticipantID = rs(0).Value
        rs.Close
        Set rs = Nothing

Open in new window


Thanks!
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Why is this different from all of the other step by step guides?  Because I make a living as a DBA and not as a writer and I lived through this experience. Defining the name: When I talk to people they say different names on this subject stuff l…
A Stored Procedure in Microsoft SQL Server is a powerful feature that it can be used to execute the Data Manipulation Language (DML) or Data Definition Language (DDL). Depending on business requirements, a single Stored Procedure can return differe…
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question