ASP and MySQL ' character problem
I couldn't decide to here or to ASP section so I wrote it to both. I have a problem with ASP + MySQL with the character of ' .
When a client types character ' in the form fields and send the form MySQL gives an error message of
Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)
[MySQL][ODBC 3.51 Driver][mysqld-4.0.21-nt]You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'tolo' and aracmodel='test'' at line 1
I sorted this problem before by using the following code but I would like to learn if there's an easier way.
note1 = Request.Form("note1")
note1 = Replace(note1, CHR(39), "'")
I have about 30 to 50 form fields and I don't want to do this for each field. Can anyone recommend an easier way if there's one?
So the problem is that when you create the SQL statement from the input values, it break the query with the unescaped quotes. I always have to escape them.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)