Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Apostrophe in Textbox
- Thread starter itorient
- Start date
Use ADO.NET Parameter objects. These will also take care of the case where the user enters a double-quote, a semi-colon, a double-dash, and other invalid characters.
Another benefit is that it protects you from SQL Injection, which is an attack where the bad guy can send arbitrary SQL commands to your database.
Chip H.
____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
Another benefit is that it protects you from SQL Injection, which is an attack where the bad guy can send arbitrary SQL commands to your database.
Chip H.
____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first
or if you don't want to change all your code and don't worry about security
but take chiph's advice and change it anyway perhaps not now but certainly in the near future
Christiaan Baes
Belgium
"What a wonderfull world" - Louis armstrong
Code:
replace(txt1.text,"'","''")but take chiph's advice and change it anyway perhaps not now but certainly in the near future
Christiaan Baes
Belgium
"What a wonderfull world" - Louis armstrong
- Thread starter
- #4
- Status
Similar threads
