<div>
From the viewpoint of data model design: Constraints prohibiting these are sufficient. <br />
<br />
The database should not modify data after it is send from the application that way. When it must be in SQL, then you should use a stored procedure for INSERT and UPDATE on that table instead. <br />
<br />
But it is better done in the front-end. Cause otherwise you must read the data after writing it to get possible changes for display. This is an unnecessary round trip.
</div>


<div>
Yes I know ste5an.<br>I am saying that there are hundreds of access points to this table for each insert and update.<br>If it was more feasible then yes I would handle it on the front end.<br><br>Thanks for your insight.<br><br>
</div>


<div>
That's why you only need a CHECK constraint. Then any application can and must handle the domain correctly.
</div>


<div>
OH I see!! I didn't get what you said!!<br>Apologies ...<br><br><br>
</div>


dgrafx

<div>
I'm sorry Scott! I didn't even see your post!
</div>


<div>
Thanks Scott !!!<br>After working with it just a tad I have to say ste5an that when you say &gt;&gt;any application can and must handle the domain correctly&lt;&lt;<br>It would be nice if all applications were written logically - but they aren't ...
</div>


<div>
I posted a bit later, it took me a bit to ready the code, even though it's very easy and straightforward, since I am very busy at work.<br><br>You should do as much vetting on the front end / app as you reasonably can, but the db should still have the final controls for what rules the data must meet. &nbsp;Iow, just because data is (supposedly) "fully" checked by the app, you still need to have a final verification in the db itself.<br><br>CHECK constraints are fine if the app code can trap and handle the error properly. &nbsp;Most app code I've seen does not do that. &nbsp;Besides, it's a huge amount of effort to write tons of error-handling code for things that come up only 1% (or whatever error rate you have) of the time.
</div>


<div>
If I would have written this app then there would be one insertion point - ya know one function that handled the inserts and updates - so that any changes or fixes could be handled in that one function. But this was all over the place! <br><br>I thank both of you for your time!!<br>And I agree with your statements Scott!
</div>


<div>
Yes it can be done in a trigger, some times there is no other way. But not when we talk about web apps.<br />
<br />

<blockquote>
Most app code I've seen does not do that. 
</blockquote>
Well, and that's why so many web apps are a hugh security issue. They must validate and sanitze input. This is not optional. See <a href="https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html" rel="ugc">OWASP Input Validation Cheat Sheet</a>.
</div>


<div>
<blockquote>Most app code I've seen does not do that.</blockquote>That was in regard to apps properly handling CHECK constraints. &nbsp;I have yet to see an app that fully does that. &nbsp;<br><br>The CHECK constraint will lead to a failed insert / update, NOT data being automatically corrected by the app in response. &nbsp;IF the app code "knew" how to correct that problem, it wouldn't have happened in the first place. &nbsp;So saying "the app should handle the CHECK constraint" is really a non sequitur.<br><br>
</div>


<div>
<div class="content wysiwyg-content fr-view">
<p>I'm looking for best practices advice and also code suggestions for the following:</p><p>I'm working on a web application that has SEVERAL insert and update points to the table in question. I don't want to go around and edit each contact point - then test each one - so I'm thinking that I'd like to use a trigger.</p><p>The goal is to remove single quotes from being inserted in 2 columns.</p><p>I need the trigger to fire on both insert and update.</p><p>Thanks</p>
</div>
</div>



I'm looking for best practices advice and also code suggestions for the following:
I'm working on a web application that has SEVERAL insert and update points to the table in question. I don't want to go around and edit each contact point - then test each one - so I'm thinking that I'd like to use a trigger.
The goal is to remove single quotes from being inserted in 2 columns.
I need the trigger to fire on both insert and update.
Thanks

Sql Update &amp; Insert Trigger

SQL (Structured Query Language) is designed to be used in conjunction with relational database products as of a means of working with sets of data. SQL consists of data definition, data manipulation, and procedural elements. Its scope includes data insert, query, update and delete, schema creation and modification, and data access control.

Sql Update &amp; Insert Trigger

Sql Update & Insert Trigger