Solved

SQL Server/Classic ASP Escape Characters

Posted on 2014-11-25
4
355 Views
Last Modified: 2014-11-25
So I want to grab data from my remote server and bring it to my local server using a web page.  Here is the codd:
        Set rs = New ADODB.Recordset
        sql = "SELECT FirstName, LastName, City, St, Phone, Email, DOB, Gender, Country, FBook, Twitter, Uploaded "
        sql = sql & "FROM Participant WHERE ParticipantID = " & PartsToAdd(i)
        rs.Open sql, srvr_conn, 1, 2
        For j = 0 To 10
            PartArr(j) = rs(j).Value
        Next j
        rs(11).Value = "y"
        rs.Update
        rs.Close
        Set rs = Nothing
                
        'check to see if this participant exists
        lParticipantID = 0
        Set rs = New ADODB.Recordset
        sql = "SELECT ParticipantID FROM Participant WHERE FirstName = '" & PartArr(0) & "' AND LastName = '" & PartArr(1)
        sql = sql & "' AND Email = '" & PartArr(5) & "' AND Gender = '" & PartArr(7) & "'"
        rs.Open sql, conn, 1, 2
        If rs.RecordCount > 0 Then lParticipantID = rs(0).Value
        rs.Close
        Set rs = Nothing

Open in new window


The problem is that If I get an error when I try to check for a match in the local data (conn) if there is an O'Brien in the remote data.  If know how to use Replace(rs(1).Value, " ' ' ", " ' ") but I keep getting the error.  Any suggestions?
0
Comment
Question by:Bob Schneider
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 53

Accepted Solution

by:
Scott Fell,  EE MVE earned 350 total points
ID: 40465799
I would just replace with an entity

You can use chr(39) for the replace
replace(myval,"'",chr(39))

http://dev.w3.org/html5/html-author/charref
http://www.w3schools.com/html/html_entities.asp
http://www.ascii.cl/htmlcodes.htm
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 150 total points
ID: 40465843
It could help to see what error you're getting.

You should also debug it.  Output the sql string and see what you're getting - find the line that is experiencing the error and RIGHT BEFORE IT, use RESPONSE.WRITE to display the SQL statement you expect to execute.

OF course, I don't see you're "replace" code that you say you know to use anywhere in your code above.  

Finally, if you didn't, in fact, just make a typo in your explanation, the PROPER syntax of Replace is
Replace(string, "findThis", "replaceWithThis")

The example you use above would find '' and replace it with ' and what you need to find is ' and replace it with '' -- the exact opposite.
0
 
LVL 53

Assisted Solution

by:Scott Fell, EE MVE
Scott Fell,  EE MVE earned 350 total points
ID: 40465849
I think I meant

replace(myval,"'","'")

http://jsbin.com/yebeworuso/1/edit
0
 

Author Comment

by:Bob Schneider
ID: 40465878
This worked:
        'get remote part data based on part id
        Set rs = New ADODB.Recordset
        sql = "SELECT FirstName, LastName, City, St, Phone, Email, DOB, Gender, Country, FBook, Twitter, Uploaded "
        sql = sql & "FROM Participant WHERE ParticipantID = " & PartsToAdd(i)
        rs.Open sql, srvr_conn, 1, 2
        For j = 0 To 10
            PartArr(j) = rs(j).Value
        Next j
        rs(11).Value = "y"
        rs.Update
        rs.Close
        Set rs = Nothing
                
        'check to see if this participant exists
        lParticipantID = 0
        Set rs = New ADODB.Recordset
        sql = "SELECT ParticipantID FROM Participant WHERE FirstName = '" & Replace(PartArr(0), Chr(39), Chr(34))
        sql = sql & "' AND LastName = '" & Replace(PartArr(1), Chr(39), Chr(34))
        sql = sql & "' AND Email = '" & PartArr(5) & "' AND Gender = '" & PartArr(7) & "'"
        rs.Open sql, conn, 1, 2
        If rs.RecordCount > 0 Then lParticipantID = rs(0).Value
        rs.Close
        Set rs = Nothing

Open in new window


Thanks!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Everyone has problem when going to load data into Data warehouse (EDW). They all need to confirm that data quality is good but they don't no how to proceed. Microsoft has provided new task within SSIS 2008 called "Data Profiler Task". It solve th…
A Stored Procedure in Microsoft SQL Server is a powerful feature that it can be used to execute the Data Manipulation Language (DML) or Data Definition Language (DDL). Depending on business requirements, a single Stored Procedure can return differe…
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question