Help please.........

**rookie_student** · Jan 10th, 2002, 12:18 AM

Hi, I just ran into a serious problem ( well for me it is ).
I'm developing a website, which allows the user to send each other messages in the form of mail. I store the message into my database and display it when needed.

Well the problem is this:

"INSERT INTO tblSomething( fldMessage ) VALUES( '" & strMessage & "' )"

The database will complain about this statement because strMessage may have ('), which well delimate the string value.

Is there an easier way to handle this situation rather than going through each character in strMessage and changing the (') to its code???

That could be devistating to the speed.

**Beacon** · Jan 10th, 2002, 12:25 AM

Try:

VB Code:

"INSERT INTO tblSomething( fldMessage ) VALUES(" & """" & strMessage & """" & " )"

**rookie_student** · Jan 10th, 2002, 12:27 AM

If I convert the string into bytes, then maybe that'll solve the problem. Any suggestions???

Anybody know the convertion function? ( in ASP )

**rookie_student** · Jan 10th, 2002, 12:30 AM

--

**Beacon** · Jan 10th, 2002, 12:39 AM

Any errors???

Perhaps i had too many quotes

VB Code:

"INSERT INTO tblSomething( fldMessage ) VALUES(" & """" & strMessage & """" & " )

Not in ASP but this is how i got around using the ' with sql. It happens coz it's a special character!

VB Code:

rs1.Open "Select * FROM tbl_clientcd Where tbl_clientcd.[ClientCode] =""" & strcode & """;", cn1, adOpenKeyset, adLockPessimistic, adCmdText

Perhaps have a look at that!

good luck
b

**rookie_student** · Jan 10th, 2002, 12:54 AM

First - I think it's complaining because their " in the message also
Seoncd - When I removed all the " I got this error message:
'' is not a valid name. Make sure that it does not include invalid characters or punctuation and that it is not too long

So I'm not really sure what to do now.........

What do you think about converting into bytes, is it even feasable?

(Don't mind the typos)

**Beacon** · Jan 10th, 2002, 01:04 AM

Hmm weird i dont know asp that well but try PMing these 2 guys ask them to have a look at it:

Sail3005
JoshT

They know thier asp stuff well. But usually that works with SQL!

**veryjonny** · Jan 10th, 2002, 01:23 AM

Perphaps u can try this two things:

Just before the insert

1)strMessage = replace(strMessage ,"'","''")

2)strMessage = server.htmlencode(strMessage )

Hope one of this helps u.

Thread: Help please.........

Thread Tools

Display

Help please.........

I just thought of something

Thanks Beacon but it didn't work.

Didn't work

hi

Posting Permissions