Escape Character and Parameter Queries
I am having an issue with a SQL query, I have only been using vb.net for 3 weeks so I hope this isn't too noobish (And I have searched the web high and low for my answers) Ok, I am writing an app to scan all my mp3s and extract the relevant information to an Artist, Album and Track table to SQL Server 2000 from the ID3v2 tags. This work fine but when an artist or song title has a ' in it, it skips that record. I tried the escape '' method and it inserts '' into the db. Now, I know I could just swap it back out when I call from the db but I want this to work with as few "fixes" as possible.
I read somewhere that parameter queries eliminate the need for escaping characters but I cannot find a good example of and Insert, Select, Update and delete parameter query.
Any help for a learner?
this is basically what I have:
Dim filename As String = ID3.FileName
name= name.Replace("'", "''")
sql = "INSERT INTO artist(ARid,Name,description) VALUES (" & ARid & " , '" & Name & "' , '" & none & "')"
Re: Escape Character and Parameter Queries
Re: Escape Character and Parameter Queries
Quote:
Originally Posted by wadam1230
nm, i found the answers.
Its always helpful if you post them for future users :)
