Results 1 to 2 of 2
  1. #1

    Thread Starter
    Lively Member
    Join Date
    Apr 2010

    VB6: Single Quote input in string SQL

    I'm finishing a program, trying to get every single bug and error out of it. I have a combobox, wich includes some items with the single quote (all loaded from a database). After the selection of a quoted item, 3 labels are filled with the other items from that record. I use a stringSQL to do that. My program can handle all the other items, but not the ones with single quotes.

    How do I build my stringSQL, so that the item can contain single quotes (')?

    Last edited by JWJWJW; May 6th, 2010 at 03:02 AM.
    My Programming Software: Visual Basic 2010
    My Database Program: Office Access 2010

  2. #2
    .NUT jmcilhinney's Avatar
    Join Date
    May 2005
    Sydney, Australia

    Re: VB6: Single Quote input

    You should be using parameters to insert values into SQL code. This will not only avert issues with single quotes but, most importantly, protect you from SQL injection. The sticky FAQ thread at the top of this forum provides a link to a thread that explains the ins and outs of SQL parameters.

    If you decide to not use parameters for whatever reason then you'll have to escape the single quote with another single quote. You can just run every value through the Replace function so that any single quotes will be replaced by two single quotes (NOT a double quote!).
    Why is my data not saved to my database? | MSDN Data Walkthroughs
    VBForums Database Development FAQ
    My CodeBank Submissions: VB | C#
    My Blog: Data Among Multiple Forms (3 parts)
    Beginner Tutorials: VB | C# | SQL

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts


Click Here to Expand Forum to Full Width