«

I'm sure this has to be a simple fix. I just cannot figure it out.

To resolve the typical apostrope issue, I have the
acarriername = Replace(txtcarriername.text, "'", "''")

My problem is that 2 apostrophes are now inserted, instead of one. For
example if someone types in IT'S NICE, when it is displayed in the input
text box later (to allow a user to change it), it says IT''S NICE.

This is a sql 2000 database.

Thanks for the help.




*** Sent via Developersdex http://www.developersdex.com ***

How are you inserting the data into the database? If you are using a
command object and passing the values into a parameter, you don't need to do
the replace since it is handled for you by the provider.

Can you show all of your code so we don't have to guess and grasp at straws?




"Joey Martin" <> wrote in message
news:%...
> I'm sure this has to be a simple fix. I just cannot figure it out.
>
> To resolve the typical apostrope issue, I have the
> acarriername = Replace(txtcarriername.text, "'", "''")
>
> My problem is that 2 apostrophes are now inserted, instead of one. For
> example if someone types in IT'S NICE, when it is displayed in the input
> text box later (to allow a user to change it), it says IT''S NICE.
>
> This is a sql 2000 database.
>
> Thanks for the help.
>
>
>
>
> *** Sent via Developersdex http://www.developersdex.com ***

Joey Martin wrote:
> I'm sure this has to be a simple fix. I just cannot figure it out.
>
> To resolve the typical apostrope issue, I have the
> acarriername = Replace(txtcarriername.text, "'", "''")
>
> My problem is that 2 apostrophes are now inserted, instead of one. For
> example if someone types in IT'S NICE, when it is displayed in the
> input text box later (to allow a user to change it), it says IT''S
> NICE.
>
Only do the replace when writing the data into the database. Do not do it
any other time.

Better yet, stop using dynamic sql. The only reason you have to escape the
apostrophe is because you are not using parameters. See these:

http://groups.google.com/groups?hl=e...tngp13.phx.gbl
http://groups-beta.google.com/group/...e36562fee7804e
http://tinyurl.com/jyy0

If this does not answer your question, post a short repro script so we can
see what you're doing.

HTH,
Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.

Current code:

Set RS = Server.CreateObject("ADODB.Recordset")
sqlUpdate = "SELECT * FROM ricprops WHERE propno='" & Request("id") &
"'"

RS.open sqlUpdate,Conn,1,3
RS("comments") = Replace(Request.form("comments"), "'", "''")
RS.Update
RS.Close




*** Sent via Developersdex http://www.developersdex.com ***

Ugh. How about:

comments = replace(request.form("comments"), "'", "''")
id = replace(request.form("id"), "'", "''")
sql = "UPDATE ricprops SET comments = '" & comments & "' WHERE propno='" &
id & "'"
conn.execute sql,,129

Or see Bob's link.

Note you should use request.form() not the lazy request().

Also, why is the column propno a character datatype? Terrible name--no
implies number.

Bob,
Not sure I understand your comments about not using dynamic sql. I read
the documents and it seems as if I do it the correct way. USUALLY, I do
not use a recordset to update variables. My current code does, because
it's old code and I never re-wrote it. Usually, I do the following:

if request("submit")<> "" then
v1=Replace(Request.form("v1"), "'", "''")
v2=Replace(Request.form("v2"), "'", "''")

sql="update table set v1='" & v1 & "',v2='" & v2 & "' where id='1'"
conn.execute (sql)



Is that incorrect? Doing it this way, I still get the double apostrophe.




*** Sent via Developersdex http://www.developersdex.com ***

Aaron,

What made you think propno is a CHAR datatype? It is INT.
The way you wrote the code is how I USUALLY do it.
But, doing it that way,as you wrote, I still receive double apostrophes.

THANKS!!


*** Sent via Developersdex http://www.developersdex.com ***

> sql="update table set v1='" & v1 & "',v2='" & v2 & "' where id='1'"
> conn.execute (sql)
>
>
>
> Is that incorrect? Doing it this way, I still get the double apostrophe.

Then you are also doing the replace when you DISPLAY the data, which you
shouldn't be doing.

> What made you think propno is a CHAR datatype? It is INT.

Because in your query, you surround it with quotes:

> WHERE propno='" & Request("id") & "'"

If it's an INT, don't do that!

A

Aaron,

When displaying the data in my textarea box, here is the code:
<textarea cols="30" rows="10"
name="comments"><%=trim(rs("comments"))%></textarea>


At that time, it displays IT''S NICE.





*** Sent via Developersdex http://www.developersdex.com ***