Results 1 to 6 of 6

Thread: [RESOLVED] SQL logic error in text with apostrophe

  1. Dec 14th, 2017, 10:23 AM #1
    threeeye
    threeeye is offline

    Thread Starter
    Hyperactive Member
    Join Date
    May 2011
    Posts
    256

    Resolved [RESOLVED] SQL logic error in text with apostrophe

    Hi guys,
    I have a similar problem as this thread http://www.vbforums.com/showthread.p...ter-in-textbox but a little bit different...
    When I have a text with apostrophe (') (eg: Text1.text = "na'eblis"), I get an "SQL logic error near "eblis": syntax error"
    The SQL can't deal with apostrophe in the textbox...
    Is there a way to check if there is an apostrophe in the text string and change it?
    Something like this:
    Normal code:
    Code:
    cmd.CommandText = "INSERT INTO Info (Name) VALUES ('" & Name.Text & "')"
    If there is an apostrophe in the text string:
    Code:
    Some code to split the text1.text string in to 3 (before apostrophe(str1), the apostrophe(str2) and after(str3))
    Then we combine the 3 and add the proper syntax to the apostrophe.
    But I can't think of the proper syntax for it...
    Can someone help?
    Thanks
    Reply With Quote Reply With Quote
  2. Dec 14th, 2017, 10:49 AM #2
    techgnome
    techgnome is offline
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,537

    Re: SQL logic error in text with apostrophe

    The direct answer to your question is yes, yes there is .... the real answer though is: don't do it, use parameters instead. This is why.
    Code:
    cmd.CommandText = "INSERT INTO Info (Name) VALUES (@NewName)"
cmd.Parameters.AddWithValue("@NewName", Name.Text)
    Now you don't care about apostrophes or other funky characters that break the SQL.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *
    Reply With Quote Reply With Quote
  3. Dec 14th, 2017, 12:04 PM #3
    Shaggy Hiker
    Shaggy Hiker is offline
    Super Moderator Shaggy Hiker's Avatar
    Join Date
    Aug 2002
    Location
    Idaho
    Posts
    39,038

    Re: SQL logic error in text with apostrophe

    Even better, you also don't have to worry about SQL injection exploits.
    My usual boring signature: Nothing
    Reply With Quote Reply With Quote
  4. Dec 14th, 2017, 12:34 PM #4
    si_the_geek
    si_the_geek is offline
    Super Moderator si_the_geek's Avatar
    Join Date
    Jul 2002
    Location
    Bristol, UK
    Posts
    41,930

    Re: SQL logic error in text with apostrophe

    For further explanation of various reasons why you should be using parameters (and links to code examples), see the article Why should I use Parameters instead of putting values into my SQL string? from our Database Development FAQs/Tutorials (at the top of the Database Development forum).
    (Microsoft MVP from July 2007 to June 2017) . . . . . . . . . . Hitchhiker's Guide to Getting Help at VBForums

    Database Development FAQs/Tutorials (updated May 2011) (includes fixing common DB related errors, and [VB.Net] ADO.Net Tutorial, and [Classic VB] ADO tutorial /further steps)
    other useful DB bits: . Connection strings (alternative copy).. MDAC/Jet/ACE downloads .. SQL Server downloads .

    Classic VB FAQs (updated Oct 2010) (includes fixing common VB errors)
    some of my Classic VB bits: . Tutorial: How to automate Excel from VB6 (or VB5/VBA) .. SQL 'Select' statement formatter/checker .. Convert colour number to colour name .. FlexGrid: fill from recordset .. FlexGrid: AutoSize columns .. DB Reserved Words checker .
    Reply With Quote Reply With Quote
  5. Dec 16th, 2017, 09:54 AM #5
    threeeye
    threeeye is offline

    Thread Starter
    Hyperactive Member
    Join Date
    May 2011
    Posts
    256

    Re: SQL logic error in text with apostrophe

    Thanks guys
    I read all the links, and I see the error in my ways...
    I will change my code and write back (on Tue - I hope)

    Thanks for the help
    Reply With Quote Reply With Quote
  6. Dec 19th, 2017, 08:51 AM #6
    threeeye
    threeeye is offline

    Thread Starter
    Hyperactive Member
    Join Date
    May 2011
    Posts
    256

    Re: SQL logic error in text with apostrophe

    Quote Originally Posted by techgnome View Post
    The direct answer to your question is yes, yes there is .... the real answer though is: don't do it, use parameters instead. This is why.
    Code:
    cmd.CommandText = "INSERT INTO Info (Name) VALUES (@NewName)"
cmd.Parameters.AddWithValue("@NewName", Name.Text)
    Now you don't care about apostrophes or other funky characters that break the SQL.

    -tg
    This worked perfectly
    Thanks for the help
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width