Database won't accept Apostrophes ( ' )

Status
Not open for further replies.
Jan 27, 2003
9
US
This works to update the database as long as there are no ' (Apostrophes) in the fields. Can anybody recommend a solution to this problem?

<%
Dim ID, status, results, tester, notes, timestamp, arr_ids
ID= Request.Form("ID")
Dim Conn, Rs, sql, sql_update
Set Conn = Server.CreateObject("ADODB.Connection")
Set Rs = Server.CreateObject("ADODB.Recordset")
Conn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("sr6.mdb")

sql= "Update tbldts Set status='"&Request.Form("status")&"', results='"&Request.Form("results")&"', tester='"&Request.Form("tester")&"', notes='"&Request.Form("notes")&"' WHERE index="&ID

Rs.Open sql, Conn
Conn.Close
Set Rs=Nothing
Set Conn = Nothing
Response.Write "Successfully Updated"
%>
 
you need to double them up...

replace(request("fieldName"),"'","''")

also read up on SQL Injection attacks....

Programming today is a race between software engineers striving to build better and bigger idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. - Rick Cook (No, I'm not Rick)
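
Added example, not part of the original thread: the same UPDATE written with ADODB.Command parameters, so apostrophes in the form fields are stored as data and the SQL injection issue mentioned in the reply does not arise. Table, column and form field names come from the original post; the AddText helper and the numeric check on ID are assumptions made for this illustration.

```vbscript
<%
' ADO constants (normally taken from adovbs.inc), defined here so the page is self-contained
Const adInteger = 3, adVarChar = 200, adLongVarChar = 201
Const adParamInput = 1, adCmdText = 1, adExecuteNoRecords = 128

' Hypothetical helper: bind one text value as a parameter. The value is sent
' as data, so an apostrophe in it cannot end the SQL string literal.
Sub AddText(cmd, name, adoType, value)
    Dim s, size
    s = CStr(value)
    size = Len(s)
    If size = 0 Then size = 1   ' a variable-length parameter needs a non-zero size
    cmd.Parameters.Append cmd.CreateParameter(name, adoType, adParamInput, size, s)
End Sub

Dim ID, Conn, Cmd, affected
ID = Request.Form("ID")
' The original concatenated ID unquoted into the WHERE clause; accept only a number
If Not IsNumeric(ID) Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid ID"
    Response.End
End If

Set Conn = Server.CreateObject("ADODB.Connection")
Conn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("sr6.mdb")

Set Cmd = Server.CreateObject("ADODB.Command")
Set Cmd.ActiveConnection = Conn
Cmd.CommandType = adCmdText
' One ? placeholder per value, bound in the order appended below.
' [index] is bracketed as a precaution because INDEX is a Jet reserved word.
Cmd.CommandText = "UPDATE tbldts SET status=?, results=?, tester=?, notes=? WHERE [index]=?"
AddText Cmd, "status", adVarChar, Request.Form("status")
AddText Cmd, "results", adVarChar, Request.Form("results")
AddText Cmd, "tester", adVarChar, Request.Form("tester")
AddText Cmd, "notes", adLongVarChar, Request.Form("notes")
Cmd.Parameters.Append Cmd.CreateParameter("id", adInteger, adParamInput, , CLng(ID))

' An UPDATE returns no rows, so no Recordset is needed
Cmd.Execute affected, , adExecuteNoRecords
Conn.Close
Set Cmd = Nothing
Set Conn = Nothing
Response.Write "Rows updated: " & affected
%>
```
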
