troubleshooting Question
Need best practice for saving sql which contains user input single and double quotes
pcalabria
asked on
asked on
I'm sure this is an extremely common problem. I looking of a best practice solution.
Users enter text in a form. I load the response into a variable... strUserText=me.UserText
Next, I save this response into a table using an variety of different SQL statements.
User's however enter text that includes both single and double quotes. What is the best practice to prevent these characters from causing SQL errors?
Example:
The user enters: It's my favorite day of the week
into a text box UserText
my code:
strUserText=me.UserText
strSQL="UPDATE logShippingStatus SET ShippingStatus = '" & strUserText & "' WHERE Status.ID=680491;"
docmd.runsql(strSQL)
The apostrophe in "it's" breaks my SQL
Thanks in advance.
p
Users enter text in a form. I load the response into a variable... strUserText=me.UserText
Next, I save this response into a table using an variety of different SQL statements.
User's however enter text that includes both single and double quotes. What is the best practice to prevent these characters from causing SQL errors?
Example:
The user enters: It's my favorite day of the week
into a text box UserText
my code:
strUserText=me.UserText
strSQL="UPDATE logShippingStatus SET ShippingStatus = '" & strUserText & "' WHERE Status.ID=680491;"
docmd.runsql(strSQL)
The apostrophe in "it's" breaks my SQL
Thanks in advance.
p
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 6 Comments.
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 6 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.