Answers

How do I: Replace single quotes in my sql statemnet?

Gustavo

15y

5.9k

Hello:

I have a sql command to execute but some times there is a single quote in the textBox and it messes me up. How can I allow to save the single quote to the sql table?

Answers (6)

.NET:
   string userString = textBox1.Text;
   string replacedString = userString.Replace("'", "''");

SQL:
   replacedString = Replace(userString,"'","''")

Hope this helps.

Accepted

Hi Giorgio,
Whenever you have single quotes, replace them with 2 single quotes. That should work.

Nainil:

Yes, thank you.

Nainil:

Can you give me a sample code of the 2 types?

Giorgio,
You can either use .NET string.Replace() method to replace any single quotes with 2 single qoutes or you can use T-SQL's Replace function. Since the value being inserted is passed in as a SqlParameter.Value property, you can run the Replace function through it and ensure that any string being passed to the stored procedure is clean. Hope this helps.

Nainil:

Yes, if it was a string. But it will be some text that the user entered. Is there a way to do it automatically when I put it into the sql command to save it?

Next Recommended Forum

How do I: Create a class to do some database functions?

Changing the name of a namespace

Forum Statistics

Please welcome our newest member Ck. Nitin.
2,381,234 users have contributed to 122,524 threads and 389,030
In the past 24 hours, we have 0 new threads, 0 new posts, and 1 new users.
In last week, the most popular thread is 'What is p0.dev'.

Upcoming events

View all