Help please.........

Printable View

Jan 10th, 2002, 12:18 AM
rookie_student

Help please.........

Hi, I just ran into a serious problem ( well for me it is ).
I'm developing a website, which allows the user to send each other messages in the form of mail. I store the message into my database and display it when needed.

Well the problem is this:

"INSERT INTO tblSomething( fldMessage ) VALUES( '" & strMessage & "' )"

The database will complain about this statement because strMessage may have ('), which well delimate the string value.

Is there an easier way to handle this situation rather than going through each character in strMessage and changing the (') to its code???:confused:

That could be devistating to the speed.:(

Try:

VB Code:

"INSERT INTO tblSomething( fldMessage ) VALUES(" & """" & strMessage & """" & " )"

Jan 10th, 2002, 12:27 AM
rookie_student

I just thought of something

If I convert the string into bytes, then maybe that'll solve the problem. Any suggestions???

Anybody know the convertion function? ( in ASP )
Jan 10th, 2002, 12:30 AM
rookie_student

Thanks Beacon but it didn't work.

--
Jan 10th, 2002, 12:39 AM
Beacon
Any errors???

Perhaps i had too many quotes
VB Code:
```
"INSERT INTO tblSomething( fldMessage ) VALUES(" & """" & strMessage & """" & " )
```
Not in ASP but this is how i got around using the ' with sql. It happens coz it's a special character!
VB Code:
```
rs1.Open "Select * FROM tbl_clientcd Where tbl_clientcd.[ClientCode] =""" & strcode & """;", cn1, adOpenKeyset, adLockPessimistic, adCmdText
```
Perhaps have a look at that!

good luck
b :)
Jan 10th, 2002, 12:54 AM
rookie_student

Didn't work

First - I think it's complaining because their " in the message also
Seoncd - When I removed all the " I got this error message:
'' is not a valid name. Make sure that it does not include invalid characters or punctuation and that it is not too long

So I'm not really sure what to do now.........

What do you think about converting into bytes, is it even feasable?

(Don't mind the typos)
Jan 10th, 2002, 01:04 AM
Beacon

Hmm weird i dont know asp that well but try PMing these 2 guys ask them to have a look at it:

Sail3005
JoshT

They know thier asp stuff well. But usually that works with SQL!
Jan 10th, 2002, 01:23 AM
veryjonny

hi

Perphaps u can try this two things:

Just before the insert

1)strMessage = replace(strMessage ,"'","''")

2)strMessage = server.htmlencode(strMessage )

Hope one of this helps u.:)

All times are GMT -5. The time now is 05:31 PM.