How do I escape single quotes in SQL queries?
Tech Tips :: Databases :: MS SQL Server
Page 1 of 1
How do I escape single quotes in SQL queries?
I am trying to run a SQL Select statement which looks like this:
"SELECT * FROM TableName WHERE FieldName = '" + Request.QueryString("ProNumber") + "'"
But, I am getting a End of statement expected error. The value passed in contains a single quote. Is it a problem?
Soln:
"SELECT * FROM TableName WHERE FieldName = '" + replace(Request.QueryString("ProNumber"), "'", "''") + "'"
Web Reference:
How do i escape single character
"SELECT * FROM TableName WHERE FieldName = '" + Request.QueryString("ProNumber") + "'"
But, I am getting a End of statement expected error. The value passed in contains a single quote. Is it a problem?
Soln:
"SELECT * FROM TableName WHERE FieldName = '" + replace(Request.QueryString("ProNumber"), "'", "''") + "'"
Web Reference:
How do i escape single character
Tech Tips :: Databases :: MS SQL Server
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|