Results 1 to 2 of 2

Thread: Single Quote in where clause causing problems.

  1. Nov 16th, 2009, 01:49 PM #1
    Proctor
    Proctor is offline

    Thread Starter
    Fanatic Member
    Join Date
    Mar 2008
    Posts
    513

    Single Quote in where clause causing problems.

    Hello: i have a simple select statement and i ran accross a situation where it's erroring out because of a single quote that a user assigned to the customer name:

    select * from tblCustomer where customername='PLATO'S'

    here's my sql:
    select * from tblCustomer where customername='" & sCustomerName & '"

    I would like to allow the user to insert customer's w/ the single quote.
    Is there a way to change my syntex so that I can allow for them?

    e.g. i can use instr to determine if the customer name has a single quote and then if it does, I can replace it with the correct syntax needed for the sql?

    thanks for your help,
    Proctor
    Reply With Quote Reply With Quote
  2. Nov 16th, 2009, 01:52 PM #2
    si_the_geek
    si_the_geek is offline
    Super Moderator si_the_geek's Avatar
    Join Date
    Jul 2002
    Location
    Bristol, UK
    Posts
    41,974

    Re: Single Quote in where clause causing problems.

    There are various ways to solve it, the best of them is to avoid that issue (and others) by using Parameters.

    For an explanation of why you should be using parameters (and links to code examples), see the article Why should I use Parameters instead of putting values into my SQL string? from our Database Development FAQs/Tutorials (at the top of this forum).
    (Microsoft MVP from July 2007 to June 2017) . . . . . . . . . . Hitchhiker's Guide to Getting Help at VBForums

    Database Development FAQs/Tutorials (updated May 2011) (includes fixing common DB related errors, and [VB.Net] ADO.Net Tutorial, and [Classic VB] ADO tutorial /further steps)
    other useful DB bits: . Connection strings (alternative copy).. MDAC/Jet/ACE downloads .. SQL Server downloads .

    Classic VB FAQs (updated Oct 2010) (includes fixing common VB errors)
    some of my Classic VB bits: . Tutorial: How to automate Excel from VB6 (or VB5/VBA) .. SQL 'Select' statement formatter/checker .. Convert colour number to colour name .. FlexGrid: fill from recordset .. FlexGrid: AutoSize columns .. DB Reserved Words checker .
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


Click Here to Expand Forum to Full Width