I'm sure this is an extremely common problem. I looking of a best practice solution.
Users enter text in a form. I load the response into a variable... strUserText=me.UserText
Next, I save this response into a table using an variety of different SQL statements.
User's however enter text that includes both single and double quotes. What is the best practice to prevent these characters from causing SQL errors?
Example:
The user enters: It's my favorite day of the week
into a text box UserText
my code:
strUserText=me.UserText
strSQL="UPDATE logShippingStatus SET ShippingStatus = '" & strUserText & "' WHERE Status.ID=680491;"
docmd.runsql(strSQL)
The apostrophe in "it's" breaks my SQL
Thanks in advance.
p
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.