469,626 Members | 1,760 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,626 developers. It's quick & easy.

Issues with ' and %27

I am having difficulty fixing a problem with one of my apps. I know that
using an apostrophe will error the SQL statement out, since it thinks that
the apostrophe is the end of the statement. My issue is that I have replace
code in my app that is *supposed* to replace the apostrophe with double
quotes. This has been working fine, no complaints until a user tried to
insert the word, does'nt (I know, it is spelled incorrectly, but ASP
shouldn't care). The form data shows the line to be,

StaffHowToSpendTimeWork=Name+does%27nt+like...

Now my replace code looks like this,

dim StaffHowtToSpendTimeWork
StaffHowToSpendTimeWork = Request.Form("StaffHowToSpendTimeWork")
StaffHowtToSpendTimeWork = replace(StaffHowToSpendTimeWork,"'","''")

Is there a difference between ' and %27? How can I fix this?

Thanks,
Drew
Aug 31 '06 #1
2 1665
Drew wrote on 31 aug 2006 in microsoft.public.inetserver.asp.general:
I am having difficulty fixing a problem with one of my apps. I know
that using an apostrophe will error the SQL statement out, since it
thinks that the apostrophe is the end of the statement. My issue is
that I have replace code in my app that is *supposed* to replace the
apostrophe with double quotes. This has been working fine, no
complaints until a user tried to insert the word, does'nt (I know, it
is spelled incorrectly, but ASP shouldn't care). The form data shows
the line to be,

StaffHowToSpendTimeWork=Name+does%27nt+like...

Now my replace code looks like this,

dim StaffHowtToSpendTimeWork
StaffHowToSpendTimeWork = Request.Form("StaffHowToSpendTimeWork")
StaffHowtToSpendTimeWork = replace(StaffHowToSpendTimeWork,"'","''")

Is there a difference between ' and %27? How can I fix this?
Replace the apostroph with a single back quote [accent grave].

O'Brien -O`Brien

[In screen output, you can (re)place the apostrophe back,
but it doesn`t bother me in Dutch]

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Aug 31 '06 #2
Drew wrote:
I am having difficulty fixing a problem with one of my apps. I know
that using an apostrophe will error the SQL statement out, since it
thinks that the apostrophe is the end of the statement.
That only happens if you are using dynamic sql. See here for a better
way:
http://groups-beta.google.com/group/...e36562fee7804e
My issue is
that I have replace code in my app that is *supposed* to replace the
apostrophe with double quotes.
Do you mean two apostrophes? That's the correct way to escape single
quotes in sql statements, not double quotes
This has been working fine, no
complaints until a user tried to insert the word, does'nt (I know, it
is spelled incorrectly, but ASP shouldn't care). The form data shows
the line to be,

StaffHowToSpendTimeWork=Name+does%27nt+like...
Huh? The user typed in "%27"?
>
Now my replace code looks like this,

dim StaffHowtToSpendTimeWork
StaffHowToSpendTimeWork = Request.Form("StaffHowToSpendTimeWork")
StaffHowtToSpendTimeWork = replace(StaffHowToSpendTimeWork,"'","''")

Is there a difference between ' and %27? How can I fix this?
Stop doing this replacement. Use parameters.

--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Aug 31 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Tom Loredo | last post: by
28 posts views Thread by grahamd | last post: by
5 posts views Thread by sandy | last post: by
1 post views Thread by Aliandro | last post: by
2 posts views Thread by G2 | last post: by
1 post views Thread by GaryDean | last post: by
3 posts views Thread by eschneider | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.