-
SQL UPDATE statement
I'm having trouble with some string values being passed to a database with ASP. I'm building the string as follows:
conn.Execute "UPDATE Employees SET FirstName = '" & Request.Form("FirstName" & "', " ... and so on.
The problem lies where the string value contains special characters. e.g One of the string values might be:
"Hello World's"
If this string is passed to my database it stops at the sigle quote mark like so:
UPDATE Employees SET FirstName = 'Hello World'
Thus throwing up an error when getting to the next value. What can I do to get around this? I have tried Server.URLEncode but that passes (of course) the encoded version to the database. Is this the best option and then decode it somehow when I display the data later on??
Please help.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|