troubleshooting Question

replace quotes with UTF-8 character

Avatar of Aleks
AleksFlag for United States of America asked on
Web Languages and StandardsMicrosoft SQL ServerWeb DevelopmentASPSQL
38 Comments1 Solution514 ViewsLast Modified:
I have an ASP page that updates information into my SQL 2008R2 database.
The use of quotes and other characters is causing issues so I have a function that replaces then with their Unicode character, below is the function:

function clean( str )
    if str <> "" and not isNull( str ) then
        str = Replace( str, "<", "" )
        str = Replace( str, ">", "" )
        str = Replace( str, "&", "&amp;" )
		str = Replace( str, "'", "&apos;" )
        str = Replace( str, "&quot;", "\""" ) 
		str = Replace( str, "&amp;apos;", "'" )
		str = Replace( str, chr(226) & chr(128) & chr(156), "" )    'replaces left smart quote
		str = Replace( str, chr(226) & chr(128) & chr(157), "" )    'replaces right smart quote
		str = Replace( str, chr(226) & chr(128) & chr(153), "" )    'replaces left smart apostrophe
		str = Replace( str, chr(226) & chr(128) & chr(152), "" )    'replaces right smart apostrophe
    end if                
    clean = str
end function

I am trying to apply this into the ASP code but I am doing something wrong that is not working. Here is what I have. I could use some help.
* This is just part of the code, but the part I think is relevant to the issue.

 Set MM_editCmd = Server.CreateObject ("ADODB.Command")
    MM_editCmd.ActiveConnection = MM_bluedot_STRING
    MM_editCmd.CommandText = "UPDATE dbo.AdminChecklist SET Docname = ?, Docfrom = ? WHERE docid = ?" 
    MM_editCmd.Prepared = true
    MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param1", 202, 1, 100, (Request.Form(clean("Docname")))) ' adVarWChar
    MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param2", 202, 1, 150, Request.Form("Docfrom")) ' adVarWChar
    MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param3", 5, 1, -1, MM_IIF(Request.Form("MM_recordId"), Request.Form("MM_recordId"), null)) ' adDouble
    MM_editCmd.Execute
ASKER CERTIFIED SOLUTION
Big Monty
Web Ninja at large

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 38 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 38 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros