|
-
March 4th, 2009, 02:31 PM
#1
query with "special" character to save
hi,
i need perform the following query to save into db the problem is sometimes the user
enter some characteres that interfer with the sql command for example
if the user enter this word: 'hello'
when i try save this result i error because the final query is this:
insert into x (v) values (''hello'') and for update this problem ocorr to
how can i save the value ' to the db replacing the ' charater for other?
thanks a lot for your help 
-
March 4th, 2009, 02:45 PM
#2
Re: query with "special" character to save
Use parameterized queiries.
Code:
DIM ID as integer = 15
dim MyName as String = "O'Riely"
SqlCommand.CommandText = "UPDATE TABLE SET MyName=@MN WHERE ID=@ID"
SqlCommand.Parameters.AddWithValue("@MN",MyName)
SqlCommand.Parameters.AddWithValue("@ID",ID)
SqlCommand.ExequteNonQuery
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
