Issues with ' and %27

Drew

I am having difficulty fixing a problem with one of my apps. I know that
using an apostrophe will error the SQL statement out, since it thinks that
the apostrophe is the end of the statement. My issue is that I have replace
code in my app that is *supposed* to replace the apostrophe with double
quotes. This has been working fine, no complaints until a user tried to
insert the word, does'nt (I know, it is spelled incorrectly, but ASP
shouldn't care). The form data shows the line to be,

StaffHowToSpendTimeWork=Name+does%27nt+like...

Now my replace code looks like this,

dim StaffHowtToSpendTimeWork
StaffHowToSpendTimeWork = Request.Form("StaffHowToSpendTimeWork")
StaffHowtToSpendTimeWork = replace(StaffHowToSpendTimeWork,"'","''")

Is there a difference between ' and %27? How can I fix this?

Thanks,
Drew
 
Evertjan.

Drew wrote on 31 aug 2006 in microsoft.public.inetserver.asp.general:
> I am having difficulty fixing a problem with one of my apps. I know
> that using an apostrophe will error the SQL statement out, since it
> thinks that the apostrophe is the end of the statement. My issue is
> that I have replace code in my app that is *supposed* to replace the
> apostrophe with double quotes. This has been working fine, no
> complaints until a user tried to insert the word, does'nt (I know, it
> is spelled incorrectly, but ASP shouldn't care). The form data shows
> the line to be,
>
> StaffHowToSpendTimeWork=Name+does%27nt+like...
>
> Now my replace code looks like this,
>
> dim StaffHowtToSpendTimeWork
> StaffHowToSpendTimeWork = Request.Form("StaffHowToSpendTimeWork")
> StaffHowtToSpendTimeWork = replace(StaffHowToSpendTimeWork,"'","''")
>
> Is there a difference between ' and %27? How can I fix this?

Replace the apostrophe with a single back quote [accent grave].

O'Brien -> O`Brien

[In screen output, you can (re)place the apostrophe back,
but it doesn`t bother me in Dutch]
 
Bob Barrows [MVP]

Drew said:
> I am having difficulty fixing a problem with one of my apps. I know
> that using an apostrophe will error the SQL statement out, since it
> thinks that the apostrophe is the end of the statement.

That only happens if you are using dynamic sql. See here for a better
way:
http://groups-beta.google.com/group/microsoft.public.inetserver.asp.db/msg/72e36562fee7804e

> My issue is
> that I have replace code in my app that is *supposed* to replace the
> apostrophe with double quotes.

Do you mean two apostrophes? That's the correct way to escape single
quotes in sql statements, not double quotes.

> This has been working fine, no
> complaints until a user tried to insert the word, does'nt (I know, it
> is spelled incorrectly, but ASP shouldn't care). The form data shows
> the line to be,
>
> StaffHowToSpendTimeWork=Name+does%27nt+like...

Huh? The user typed in "%27"?

> Now my replace code looks like this,
>
> dim StaffHowtToSpendTimeWork
> StaffHowToSpendTimeWork = Request.Form("StaffHowToSpendTimeWork")
> StaffHowtToSpendTimeWork = replace(StaffHowToSpendTimeWork,"'","''")
>
> Is there a difference between ' and %27? How can I fix this?

Stop doing this replacement. Use parameters.
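
The "use parameters" advice above, written out for classic ASP with an ADODB.Command as an added example; it is not code from the thread or from the linked post. The connection string, the table name StaffSurvey and the 4000-character limit are assumptions, and the ? marker assumes an OLE DB provider that accepts positional parameters.

```vbscript
<%
Option Explicit  ' a misspelled variable name now raises an error instead of silently creating a new, empty variable

' ADO constants (same values as in adovbs.inc)
Const adCmdText = 1
Const adParamInput = 1
Const adVarWChar = 202
Const adExecuteNoRecords = 128

' Assumptions for this example: placeholder connection string, hypothetical table and length limit
Const CONN_STRING = "<your OLE DB connection string>"
Const MAX_LEN = 4000

Dim staffText, conn, cmd

' Request.Form returns the URL-decoded value, so %27 in the posted form data arrives here as '
staffText = Request.Form("StaffHowToSpendTimeWork")
If Len(staffText) > MAX_LEN Then staffText = Left(staffText, MAX_LEN)

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open CONN_STRING

Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText

' The value travels as a parameter and never becomes part of the SQL text,
' so no Replace() on apostrophes is needed and "does'nt" is stored as typed.
cmd.CommandText = "INSERT INTO StaffSurvey (StaffHowToSpendTimeWork) VALUES (?)"
cmd.Parameters.Append cmd.CreateParameter("@text", adVarWChar, adParamInput, MAX_LEN, staffText)
cmd.Execute , , adExecuteNoRecords

conn.Close
Set cmd = Nothing
Set conn = Nothing
%>
```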
 
