SQL Server keywords

I have not seen this before and am not sure what is causing it or where to look.

When a customer enters an address on my website that includes the word "union", for example "1922 Union St", the text that winds up in the SQL Server field includes a question mark (ascii 63) after "union".

Anybody know what might be causing this and how to stop it?

Thanks - David
GenesisTechAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jim HornMicrosoft SQL Server Developer, Architect, and AuthorCommented:
You'll have to cough up the code that INSERTs the data from your UI into SQL Server, as there appears to be not enough info here to provide an answer.
0
GenesisTechAuthor Commented:
Jim,

So you are at least saying that you do not believe this is being caused by SQL Server, but is more likely the ASP Code?

In other words you have not encountered this in SQL Server before?
0
Jim HornMicrosoft SQL Server Developer, Architect, and AuthorCommented:
Nope.  There has to be something going on that is parsing a value '"1922 Union St"' that is intended to be inserted into an address column, and there's nothing I know of specific to SQL Server that would do that.

So, two possibilities

1.

it's either the front-end before the INSERT into the SQL table, which you could troubleshoot on the form/whatever that creates the INSERT statement by making it spit out the INSERT statement (more likely), or

2.

In SQL it's either a Stored Procedure call that accepts parameters, and that SP parses the data somehow, or there's a table trigger in play
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GenesisTechAuthor Commented:
Thanks Jim.

Looks like there is a procedure checking for special sensitive characters and replacing thme to avoid a SQL Server injection. I found the routine and can now deal with it appropriately.

Thanks again!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server

From novice to tech pro — start learning today.