Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Are there escape characters for SQL?

Reply
Thread Tools

Are there escape characters for SQL?

 
 
=?Utf-8?B?YmFzdWxhc3o=?=
Guest
Posts: n/a
 
      07-07-2005
I think it is a very simple question, but i don't know the answer. I am
developing a web site in C# and ASP.NET . If an entry like "Here is Sam's
Pub" is entered into a Textbox exception occurs. Since " ' " character causes
problem. Are there any escape character? Or how can i solve this problem?
--
No Sign
 
Reply With Quote
 
 
 
 
Marina
Guest
Posts: n/a
 
      07-07-2005
The single quote is its own escape character. So you would use 2 in a
string, to signify to treat it as 1 literal single quote.

It is recommended that you use parameterized queries to avoid this problem.
Most importantly that you should always use it to prevent SQL injection
attacks.

"basulasz" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I think it is a very simple question, but i don't know the answer. I am
> developing a web site in C# and ASP.NET . If an entry like "Here is Sam's
> Pub" is entered into a Textbox exception occurs. Since " ' " character
> causes
> problem. Are there any escape character? Or how can i solve this problem?
> --
> No Sign



 
Reply With Quote
 
 
 
 
Patrice
Guest
Posts: n/a
 
      07-07-2005
Your quickest option is to replace ' inside the statement with ''.

Another (IMO better) option is to use parameters instead of building
statements into which you stuff values. It will avoid this problem as well
as possible formatting problems with decimal or date values caused by
writing their string representation right into the SQL statement... It helps
also to avoid SQL injection attacks...
--

Patrice

"basulasz" <(E-Mail Removed)> a écrit dans le message de
news:(E-Mail Removed)...
> I think it is a very simple question, but i don't know the answer. I am
> developing a web site in C# and ASP.NET . If an entry like "Here is Sam's
> Pub" is entered into a Textbox exception occurs. Since " ' " character

causes
> problem. Are there any escape character? Or how can i solve this problem?
> --
> No Sign



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Is there a function to remove escape characters from a string ? Stef Mientki Python 11 12-28-2008 02:19 AM
How to read strings cantaining escape character from a file and useit as escape sequences? slomo Python 5 12-02-2007 11:39 AM
trying out escape characters Griff Perl 6 08-20-2004 08:20 PM
What Happens To Escape Characters? Guadala Harry ASP .Net 3 08-19-2004 01:59 AM
Escape characters Maziar Aflatoun ASP .Net 3 12-05-2003 05:55 PM



Advertisments