asked on
function clean( str )
if str <> "" and not isNull( str ) then
str = Replace( str, "<", "" )
str = Replace( str, ">", "" )
str = Replace( str, "&", "&" )
str = Replace( str, "'", "'" )
str = Replace( str, """, "\""" )
str = Replace( str, "&apos;", "'" )
str = Replace( str, chr(226) & chr(128) & chr(156), "" ) 'replaces left smart quote
str = Replace( str, chr(226) & chr(128) & chr(157), "" ) 'replaces right smart quote
str = Replace( str, chr(226) & chr(128) & chr(153), "" ) 'replaces left smart apostrophe
str = Replace( str, chr(226) & chr(128) & chr(152), "" ) 'replaces right smart apostrophe
end if
clean = str
end function
Set MM_editCmd = Server.CreateObject ("ADODB.Command")
MM_editCmd.ActiveConnection = MM_bluedot_STRING
MM_editCmd.CommandText = "UPDATE dbo.AdminChecklist SET Docname = ?, Docfrom = ? WHERE docid = ?"
MM_editCmd.Prepared = true
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param1", 202, 1, 100, (Request.Form(clean("Docname")))) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param2", 202, 1, 150, Request.Form("Docfrom")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param3", 5, 1, -1, MM_IIF(Request.Form("MM_recordId"), Request.Form("MM_recordId"), null)) ' adDouble
MM_editCmd.Execute