mparker1113
10-13-2006, 02:39 PM
For inserting variables in to SQL, PHP has addslashes() , is there an equivalent for ASP ? I want to enter user entered variables into a database but if they use an apostrophe, the program crashes.
Click to See Complete Forum and Search --> : AddSlashes function for inserting SQL ?
I.m.I
10-13-2006, 03:46 PM
u can use replace(string, "'","\'")
but for ms sql or access u can not
u can use replace(string, "'",""")
but for ms sql or access u can not
u can use replace(string, "'",""")
mparker1113
10-13-2006, 03:50 PM
replace( ) okay -- thanks
mattyblah
10-14-2006, 02:48 AM
You should really look into using stored procedures if you're using ms sql, it could alleviate these problems.
webdeveloper.com
Copyright Internet.com Inc., All Rights Reserved.
Copyright Internet.com Inc., All Rights Reserved.