473,574 Members | 2,389 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

form field chars

Hi,

I have a form where the user enters a customer name, then clicks the submit
button which then adds it to a database. This works absolutely fine untill
the name has an apostrophe in it.

eg when the name entered is O'Hanlon and its submitted, I get this
error.....
Microsoft JET Database Engine (0x80040E14)
Syntax error (missing operator) in query expression ''O'Hanlon'

any help would be great, and yes I'm a newbie!!
thanks in advance

Paul
Jan 19 '06 #1
5 1847
"Paul Malbon" <no****@all.com > wrote:
Hi,

I have a form where the user enters a customer name, then clicks the submit
button which then adds it to a database. This works absolutely fine untill
the name has an apostrophe in it.

eg when the name entered is O'Hanlon and its submitted, I get this
error.....
Microsoft JET Database Engine (0x80040E14)
Syntax error (missing operator) in query expression ''O'Hanlon'


Most likely the apostrophe appears as an extra delimiter in the SQL
statement that's used to update the DB. The solution is to double the
apostrophe before presenting the field to the database.

--
Tim Slattery
MS MVP(DTS)
Sl********@bls. gov
Jan 19 '06 #2
Paul Malbon wrote:
Hi,

I have a form where the user enters a customer name, then clicks the
submit button which then adds it to a database. This works absolutely
fine untill the name has an apostrophe in it.

eg when the name entered is O'Hanlon and its submitted, I get this
error.....
Microsoft JET Database Engine (0x80040E14)
Syntax error (missing operator) in query expression ''O'Hanlon'

any help would be great, and yes I'm a newbie!!
thanks in advance

Another delimiter problem caused by the use of dynamic sql instead of
parameters. Tim explained about escaping your apostrophe by doubling it, but
there are other potential problems caused by the use of dynamic sql. Read:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.google.com/groups?hl=en&l...TNGP12.phx.gbl

http://groups.google.com/groups?hl=e...tngp13.phx.gbl

Using Command object to parameterize CommandText:
http://groups-beta.google.com/group/...e36562fee7804e

HTH,
Bob Barrows

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Jan 19 '06 #3
Thanks for the reply tim. I should have been a bit more clearer in my post.
I realise that the error is caused by the apostrophe.

You say double the apostrophe. Do you mind me asking how I would do that?
This web based form will be used by people who generally dont use the
internet and to ask them to 'double apostrophe' would confuse them no end!!

Thanks again for your assitance
"Tim Slattery" <Sl********@bls .gov> wrote in message
news:9v******** *************** *********@4ax.c om...
"Paul Malbon" <no****@all.com > wrote:
Hi,

I have a form where the user enters a customer name, then clicks the
submit
button which then adds it to a database. This works absolutely fine untill
the name has an apostrophe in it.

eg when the name entered is O'Hanlon and its submitted, I get this
error.....
Microsoft JET Database Engine (0x80040E14)
Syntax error (missing operator) in query expression ''O'Hanlon'


Most likely the apostrophe appears as an extra delimiter in the SQL
statement that's used to update the DB. The solution is to double the
apostrophe before presenting the field to the database.

--
Tim Slattery
MS MVP(DTS)
Sl********@bls. gov

Jan 19 '06 #4
No no no. He's telling you to do it in your code that builds the sql
statement that inserts the value into your database. See
http://groups.google.com/group/micro...UTF-8&oe=UTF-8

dim s, sql
s=request.form( "form_field ")
s=replace(s,"'" ,"''")
sql="insert into ... values ('" & s & "', ...)"
Paul Malbon wrote:
Thanks for the reply tim. I should have been a bit more clearer in my
post. I realise that the error is caused by the apostrophe.

You say double the apostrophe. Do you mind me asking how I would do
that? This web based form will be used by people who generally dont
use the internet and to ask them to 'double apostrophe' would confuse
them no end!!
Thanks again for your assitance
"Tim Slattery" <Sl********@bls .gov> wrote in message
news:9v******** *************** *********@4ax.c om...
"Paul Malbon" <no****@all.com > wrote:
Hi,

I have a form where the user enters a customer name, then clicks the
submit
button which then adds it to a database. This works absolutely fine
untill the name has an apostrophe in it.

eg when the name entered is O'Hanlon and its submitted, I get this
error.....
Microsoft JET Database Engine (0x80040E14)
Syntax error (missing operator) in query expression ''O'Hanlon'


Most likely the apostrophe appears as an extra delimiter in the SQL
statement that's used to update the DB. The solution is to double the
apostrophe before presenting the field to the database.

--
Tim Slattery
MS MVP(DTS)
Sl********@bls. gov


--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
Jan 19 '06 #5
Reading and digesting now. Thanks for your time
"Bob Barrows [MVP]" <re******@NOyah oo.SPAMcom> wrote in message
news:uV******** ******@TK2MSFTN GP14.phx.gbl...
Paul Malbon wrote:
Hi,

I have a form where the user enters a customer name, then clicks the
submit button which then adds it to a database. This works absolutely
fine untill the name has an apostrophe in it.

eg when the name entered is O'Hanlon and its submitted, I get this
error.....
Microsoft JET Database Engine (0x80040E14)
Syntax error (missing operator) in query expression ''O'Hanlon'

any help would be great, and yes I'm a newbie!!
thanks in advance

Another delimiter problem caused by the use of dynamic sql instead of
parameters. Tim explained about escaping your apostrophe by doubling it,
but there are other potential problems caused by the use of dynamic sql.
Read:
http://mvp.unixwiz.net/techtips/sql-injection.html
http://www.google.com/groups?hl=en&l...TNGP12.phx.gbl

http://groups.google.com/groups?hl=e...tngp13.phx.gbl

Using Command object to parameterize CommandText:
http://groups-beta.google.com/group/...e36562fee7804e

HTH,
Bob Barrows

--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Jan 19 '06 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
5672
by: Juergen Gerner | last post by:
Hello Python fans, I'm trying and searching for many days for an acceptable solution... without success. I want to store files in a database using BLOB fields. The database table has an ID field (INT, auto_increment), an ORDER field (INT, for knowing the right order) and a "normal" BLOB field. It is planned to split large files in 64k-parts...
2
14270
by: fish | last post by:
Hi, I have an HTML page with a FORM and some input fields. On the fields I wish to do validation as the punters change the field values. If they get it wrong, then I tell them and then wish to put the focus back to the offending field. ( It works if a use an 'onblur' event but not an 'onchange' )
10
1876
by: Ed | last post by:
Hoping someone an assist me urgently. I would truly appreciate and help. I have a form and prices are based on 'price break'. 1.The price break fields work fine, but I cannot for the life of me add more than one to a page. 2. Also need to add the two results to a 'total' field. (See code attached). Many thanks in advance.
5
3583
by: Axel | last post by:
Hi in T-SQL, (how) is it possible to concatenate 3 (varchar) fields into one; either in a SQL query or through a calculated field (or using a view, if anybody can explain to me how to use views), according to the following rules: {
1
2295
by: svet | last post by:
Hello, I need to import data into integer field in Access but would like to trim the lenght of the field to 4 char. long instead of the default six char. long. This is important, because on export, I need to export the data into fixed- width format, and the length of the integers cannot be more the 4 chars long. Is there a way to change the...
4
10256
by: Louis | last post by:
I'm using a form to append records to a Request table. On the form is a Text Box for users to enter the description of the request and it can be quite lengthy. When I use an append query to capture the content of the form (each element mapped to a specific field in the Request table) the record will be appended perfectly as long as the text...
13
2500
by: MLH | last post by:
I have a form with two controls: !! - combo box !! - text box A button on the form tries to run this SQL when clicked... INSERT INTO BodyMsgsSent (ToWhom, BodyText) SELECT DISTINCTROW !! AS MyTargets, !! AS MyList; When the SQL runs, it fails with msg saying "Field length is too
7
6976
by: h7qvnk7q001 | last post by:
I'm trying to implement a simple server-side form validation (No Javascript). If the user submits a form with errors, I want to redisplay the same form with the errors highlighted. Once the form is correct I need to submit to another page that uses the form data. I first tried making the form submit action= field point to the same file....
16
1357
by: Summercool | last post by:
the sticky form is that if validation didn't pass, re-display the form with the value in the text input again (and for other input field as well...) no book I read did it correctly so far. (just for the text input) to reduce the problem, how about write a PHP program that will submit to itself, so that typing in
6
1783
by: manifestcomms | last post by:
Hello, I have a form which requires the fields to be valid before the buttons become active. In particular I am having a problem with the email address field. The form is written in PHP using a print function but thats not relevant to my problem. (I am just telling you so it makes it easier to understand why I have used escape chars around...
0
7720
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
8044
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
1
7810
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
6451
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
0
5299
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3739
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3749
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
2240
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
0
1056
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.