string manipulation .ASP script

[bbell1980]

I can do this in vb.net but I can not do it in this asp code.

the user is writing what ever text into a text box and posting it to a
access database. problem is when they use words such as (we'll, can't,
shouldn't,) it will not go in because of the single quote mark.

I am trying to replace any single quote mark with the HTML code
"‚"

so I recoded the .asp script and now get this error

**********************************************************
Microsoft VBScript runtime error '800a01a8'

Object required: ''

/admin/news_add_action.asp, line 8

*********************************************************

here is the code I've been using:

Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Open sDSN

dim thenews

thenews.text = Request.form("newsbody")

dim singlequote

singlequote = Replace(singlequote, "Chr(39)", "‚")

sSQL = "INSERT INTO news(newsTitle, newsBody, newsDate) values('" &
Request.Form("newsTitle") & "','" & singlequote & "',#" & Date() &
"#)"

response.write sSQL

objConn.Execute(sSQL)

Response.Redirect "news.asp"

objConn.Close
Set objConn = NOTHING
%>

 

[Mark Rae [MVP]]

I can do this in vb.net but I can not do it in this asp code.

You're in the wrong newsgroup - this one is for ASP.NET issues.

Please post to: microsoft.public.inetserver.asp.general

 

[Mick Walker]

I can do this in vb.net but I can not do it in this asp code.

the user is writing what ever text into a text box and posting it to a
access database. problem is when they use words such as (we'll, can't,
shouldn't,) it will not go in because of the single quote mark.

I am trying to replace any single quote mark with the HTML code
"‚"

so I recoded the .asp script and now get this error

**********************************************************
Microsoft VBScript runtime error '800a01a8'

Object required: ''

/admin/news_add_action.asp, line 8

*********************************************************

here is the code I've been using:

Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Open sDSN

dim thenews

thenews.text = Request.form("newsbody")

dim singlequote

singlequote = Replace(singlequote, "Chr(39)", "‚")

sSQL = "INSERT INTO news(newsTitle, newsBody, newsDate) values('" &
Request.Form("newsTitle") & "','" & singlequote & "',#" & Date() &
"#)"

response.write sSQL

objConn.Execute(sSQL)

Response.Redirect "news.asp"

objConn.Close
Set objConn = NOTHING
%>

Wrong Newsgroup.

But use double quotes.

 

[=?ISO-8859-1?Q?G=F6ran_Andersson?=]

I can do this in vb.net but I can not do it in this asp code.

the user is writing what ever text into a text box and posting it to a
access database. problem is when they use words such as (we'll, can't,
shouldn't,) it will not go in because of the single quote mark.

I am trying to replace any single quote mark with the HTML code
"‚"

so I recoded the .asp script and now get this error

**********************************************************
Microsoft VBScript runtime error '800a01a8'

Object required: ''

/admin/news_add_action.asp, line 8

*********************************************************

here is the code I've been using:

Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Open sDSN

dim thenews

thenews.text = Request.form("newsbody")

As you haven't created any object and assigned to the thenews variable,
it can't have any property named text.

dim singlequote

singlequote = Replace(singlequote, "Chr(39)", "‚")

You are using the singlequote variable as input to the function, which
doesn't serve any purpose as you haven't assigned any value to it. Don't
you want to use the value that you just read from the Request.Form
collection?

"Chr(39)" is not an apostrophe, it's a string containing three
characters, a start parenthesis, two digits and an end parenthesis.
Simply use "'" instead.

You shouldn't replace the apostrophe with an html identifier. Storing
text where only some characters are html encoded makes it very difficult
when you fetch the data and want to encode it properly to display it.
Just replace it with double apostrophes to make it a proper SQL string:
"''".

sSQL = "INSERT INTO news(newsTitle, newsBody, newsDate) values('" &
Request.Form("newsTitle") & "','" & singlequote & "',#" & Date() &
"#)"

You have to replace apostrophes in the title too.

response.write sSQL

objConn.Execute(sSQL)

Response.Redirect "news.asp"

You have to close the database connection BEFORE you end the execution
by calling Response.Redirect.

 

[Rad [Visual C# MVP]]

I can do this in vb.net but I can not do it in this asp code.

the user is writing what ever text into a text box and posting it to a
access database. problem is when they use words such as (we'll, can't,
shouldn't,) it will not go in because of the single quote mark.

I am trying to replace any single quote mark with the HTML code
"‚"

so I recoded the .asp script and now get this error

**********************************************************
Microsoft VBScript runtime error '800a01a8'

Object required: ''

/admin/news_add_action.asp, line 8

*********************************************************

here is the code I've been using:

Set objConn = Server.CreateObject("ADODB.Connection")
objConn.Open sDSN

dim thenews

thenews.text = Request.form("newsbody")

dim singlequote

singlequote = Replace(singlequote, "Chr(39)", "‚")

sSQL = "INSERT INTO news(newsTitle, newsBody, newsDate) values('" &
Request.Form("newsTitle") & "','" & singlequote & "',#" & Date() &
"#)"

response.write sSQL

objConn.Execute(sSQL)

Response.Redirect "news.asp"

objConn.Close
Set objConn = NOTHING
%>

Parameterized queries friend! Will save you a lot of grief!!!