How do I escape single quotes in SQL queries?

View previous topic View next topic Go down

How do I escape single quotes in SQL queries?

Post  Admin on Sat Aug 08, 2009 2:12 pm

I am trying to run a SQL Select statement which looks like this:

"SELECT * FROM TableName WHERE FieldName = '" + Request.QueryString("ProNumber") + "'"

But, I am getting a End of statement expected error. The value passed in contains a single quote. Is it a problem?

Soln:
"SELECT * FROM TableName WHERE FieldName = '" + replace(Request.QueryString("ProNumber"), "'", "''") + "'"
Web Reference:
How do i escape single character

Admin
Admin

Posts : 50
Join date : 2009-06-05

View user profile http://softro.forumotion.net

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum