AllExperts > Active Server Pages Programming (ASP) 
Search      
Active Server Pages Programming (ASP)
Volunteer
Answers to thousands of questions
 Home · More Active Server Pages Programming (ASP) Questions · Answer Library  · Encyclopedia ·
More Active Server Pages Programming (ASP) Answers
Question Library

Ask a question about Active Server Pages Programming (ASP)
Volunteer
Experts of the Month
Expert Login

Awards

About Us
Tell friends
Link to Us
Disclaimer

 
 
 
 
About Ashley Brazier
Expertise
Main focus is ASP, SQL Server 2000 & 2005

Experience
Over 6 years experience.

Education/Credentials
BCs Honours Software Design and Networks

 
   

You are here:  Experts > Computing/Technology > Business Software > Active Server Pages Programming (ASP) > apostrophie error

Active Server Pages Programming (ASP) - apostrophie error

Expert: Ashley Brazier - 7/22/2008

Question
QUESTION: if i input a name say O'neill in the User textbox insert statement produces an error.. Please can you assist? thanks
If Request("submit") = "Add" Then
  sSQL = "Insert into Detail values('" & Request("SerialNumber")& "', '" & Request("Equipment") & "','" & Request("User")& "', '" & Request("Office")& "','" & Request("Manufacturer")& "', '" & Request("Model")& "', '" & Request("CPU")&"', '" & Request("RAM")& "','" & Request("VGACard") & "', '" & Request("HardDisk")&"')"
 

  oConn.Execute(sSQL)
  Response.Write("<strong>The Record has been added to the Details Database </strong><BR><BR>")
End If

oConn.Close
Set oRS = Nothing
Set oConn = Nothing
%>


ANSWER: Hi,

When you insert or update databases they won't except the ' so you have to do a replace like this replace(request("user"), "'","''")

That should do the trick

---------- FOLLOW-UP ----------

QUESTION: where in the code should i place replace(request("user"), "'","''")

Answer
replace
sSQL = "Insert into Detail values('" & Request("SerialNumber")& "', '" & Request("Equipment") & "','" & Request("User")& "', '" & Request("Office")& "','" & Request("Manufacturer")& "', '" & Request("Model")& "', '" & Request("CPU")&"', '" & Request("RAM")& "','" & Request("VGACard") & "', '" & Request("HardDisk")&"')"

with this:-

sSQL = "Insert into Detail values('" & Request("SerialNumber")& "', '" & Request("Equipment") & "','" & replace(Request("User"),"'","''")& "', '" & Request("Office")& "','" & Request("Manufacturer")& "', '" & Request("Model")& "', '" & Request("CPU")&"', '" & Request("RAM")& "','" & Request("VGACard") & "', '" & Request("HardDisk")&"')"

Add to this Answer   Ask a Question


 
User Agreement | Privacy Policy | Kids' Privacy Policy | Help
Copyright  © 2008 About, Inc. AllExperts, AllExperts.com, and About.com are registered trademarks of About, Inc. All rights reserved.