Ray recently answered my question about apostrophe replacement with advice
on how to use 2 functions for hwich he gave me some code, called SafeIn and
Safeout
I'm having a hard time seeing the difference. In fact, the results are the
same.
Here's my old code:
Replace(Trim(Request.Form("InternalDesc")),"'","'' ")
and here is what Ray suggests:
SafeIn(Request.Form("InternalDesc"))
and
Function SafeIn(theString)
SafeIn = Replace(theString, "'", "''")
End Function
The results are the same: when I type in:
won't
One the page where it is displayed, it looks like:
won''t
15  3743 
Yes, they both do the same thing. But you do NOT pass that value through
the function when you are RETREIVING a value from the database. Is that
what you're doing? Are you doing something like:
Response.Write SafeIn(Recordset("item"))
Ray at work
"middletree" <mi********@htomail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl... Ray recently answered my question about apostrophe replacement with advice
on how to use 2 functions for hwich he gave me some code, called SafeIn
and Safeout
I'm having a hard time seeing the difference. In fact, the results are the
same.
Here's my old code:
Replace(Trim(Request.Form("InternalDesc")),"'","'' ")
and here is what Ray suggests:
SafeIn(Request.Form("InternalDesc"))
and
Function SafeIn(theString)
SafeIn = Replace(theString, "'", "''")
End Function
The results are the same: when I type in:
won't
One the page where it is displayed, it looks like:
won''t
I think he was just suggesting using a function to encapsulate the logic
instead of having to write out that replace() crap everywhere. He wasn't
trying to change the effect.
"middletree" <mi********@htomail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl... Ray recently answered my question about apostrophe replacement with advice
on how to use 2 functions for hwich he gave me some code, called SafeIn
and Safeout
I'm having a hard time seeing the difference. In fact, the results are the
same.
Here's my old code:
Replace(Trim(Request.Form("InternalDesc")),"'","'' ")
and here is what Ray suggests:
SafeIn(Request.Form("InternalDesc"))
and
Function SafeIn(theString)
SafeIn = Replace(theString, "'", "''")
End Function
The results are the same: when I type in:
won't
One the page where it is displayed, it looks like:
won''t
I am doing it when I do a request.form, before it goes into the database
"Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in message
news:eA*************@tk2msftngp13.phx.gbl... Yes, they both do the same thing. But you do NOT pass that value through
the function when you are RETREIVING a value from the database. Is that
what you're doing? Are you doing something like:
Response.Write SafeIn(Recordset("item"))
Ray at work
"middletree" <mi********@htomail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl... Ray recently answered my question about apostrophe replacement with
advice on how to use 2 functions for hwich he gave me some code, called SafeIn
and Safeout
I'm having a hard time seeing the difference. In fact, the results are
the same.
Here's my old code:
Replace(Trim(Request.Form("InternalDesc")),"'","'' ")
and here is what Ray suggests:
SafeIn(Request.Form("InternalDesc"))
and
Function SafeIn(theString)
SafeIn = Replace(theString, "'", "''")
End Function
The results are the same: when I type in:
won't
One the page where it is displayed, it looks like:
won''t
Well, my original question is, why am I getting that effect? So any help to
that end would be appreciated
"Foo Man Chew" <fo*@man.chew> wrote in message
news:uW*************@tk2msftngp13.phx.gbl... I think he was just suggesting using a function to encapsulate the logic
instead of having to write out that replace() crap everywhere. He wasn't
trying to change the effect.
"middletree" <mi********@htomail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl... Ray recently answered my question about apostrophe replacement with
advice on how to use 2 functions for hwich he gave me some code, called SafeIn
and Safeout
I'm having a hard time seeing the difference. In fact, the results are
the same.
Here's my old code:
Replace(Trim(Request.Form("InternalDesc")),"'","'' ")
and here is what Ray suggests:
SafeIn(Request.Form("InternalDesc"))
and
Function SafeIn(theString)
SafeIn = Replace(theString, "'", "''")
End Function
The results are the same: when I type in:
won't
One the page where it is displayed, it looks like:
won''t
> Well, my original question is, why am I getting that effect?
WHAT ARE YOU TALKING ABOUT?
Okay, here's the deal. Strings passed to SQL statements are delimited by
apostrophes ('). So, if you have an apostrophe in a name, you need to have
some way of telling the SQL statement that you do *not* want to end the
string there. So, the common term is called "escaping" - you double-up the
apostrophe so it is escaped before passing to the database. No idea why
you're concerned how an *ESCAPED* value prints to the screen... it's escaped
for the database, not the user. And if that's not your concern, maybe you
could be more specific.
Unless your request.form value actually has two apostrophes in it, you
shouldn't see two apostophes when you pull the value back out of the
database or look at it directly in the database. You aren't actually
inserting two into the database. '' = ' when inserted. I think we need to
see a sample of how this is happening to you.
Ray at home
"middletree" <mi********@htomail.com> wrote in message
news:#5**************@TK2MSFTNGP12.phx.gbl... I am doing it when I do a request.form, before it goes into the database
"Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in message
news:eA*************@tk2msftngp13.phx.gbl... Yes, they both do the same thing. But you do NOT pass that value
through the function when you are RETREIVING a value from the database. Is that
what you're doing? Are you doing something like:
Response.Write SafeIn(Recordset("item"))
Ray at work
"middletree" <mi********@htomail.com> wrote in message
news:%2****************@TK2MSFTNGP11.phx.gbl... Ray recently answered my question about apostrophe replacement with advice on how to use 2 functions for hwich he gave me some code, called
SafeIn and Safeout
I'm having a hard time seeing the difference. In fact, the results are
the same.
Here's my old code:
Replace(Trim(Request.Form("InternalDesc")),"'","'' ")
and here is what Ray suggests:
SafeIn(Request.Form("InternalDesc"))
and
Function SafeIn(theString)
SafeIn = Replace(theString, "'", "''")
End Function
The results are the same: when I type in:
won't
One the page where it is displayed, it looks like:
won''t
I think he's doing this:
value = replace(value, "'", "''")
and then wondering why there are two apostrophes when he later does this:
response.write value
I am not clear on why you aren't clear on why I am concerned with how things
appear on the screen.
The user types in
won't
When another page loads some data, and they see the word now displayed as
won''t
then, that is the problem I am trying to overcome.
"Foo Man Chew" <fo*@man.chew> wrote in message
news:uz**************@TK2MSFTNGP11.phx.gbl... Well, my original question is, why am I getting that effect?
WHAT ARE YOU TALKING ABOUT?
Okay, here's the deal. Strings passed to SQL statements are delimited by
apostrophes ('). So, if you have an apostrophe in a name, you need to
have some way of telling the SQL statement that you do *not* want to end the
string there. So, the common term is called "escaping" - you double-up
the apostrophe so it is escaped before passing to the database. No idea why
you're concerned how an *ESCAPED* value prints to the screen... it's
escaped for the database, not the user. And if that's not your concern, maybe you
could be more specific.
yes.
"Foo Man Chew" <fo*@man.chew> wrote in message
news:#f**************@TK2MSFTNGP09.phx.gbl... I think he's doing this:
value = replace(value, "'", "''")
and then wondering why there are two apostrophes when he later does this:
response.write value
middletree wrote: I am not clear on why you aren't clear on why I am concerned with how
things appear on the screen.
The user types in
won't
When another page loads some data, and they see the word now
displayed as
won''t
then, that is the problem I am trying to overcome.
The issue is that you have not shown us how you process the value that you
receive from the database before response.writing it.
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
OK, I see the problem now. I was doing the replace both giong in and coming
out.
Sheesh!
My apologies for taking up everyone's time
or should that be everyone''s time
"Bob Barrows" <re******@NOyahoo.SPAMcom> wrote in message
news:uz**************@TK2MSFTNGP11.phx.gbl... middletree wrote: I am not clear on why you aren't clear on why I am concerned with how
things appear on the screen.
The user types in
won't
When another page loads some data, and they see the word now
displayed as
won''t
then, that is the problem I am trying to overcome.
The issue is that you have not shown us how you process the value that you
receive from the database before response.writing it.
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Think of it this way.
x = "q"
x = replace(x, "q", "aksdjf;adsf")
response.write x
What will you get? You won't get "q."
But what about :
sSQL = "insert into something (col) values ('" & replace(x, "q",
"kajsdflkjasdf") & "')"
oADO.Execute sSQL
Response.Write x
Since you never changed the value of x, it will still be the original value.
You shouldn't ever change the value of a user input for the sake of dealing
with '.
Ray at home
"middletree" <mi********@htomail.com> wrote in message
news:#1**************@TK2MSFTNGP11.phx.gbl... yes.
"Foo Man Chew" <fo*@man.chew> wrote in message
news:#f**************@TK2MSFTNGP09.phx.gbl... I think he's doing this:
value = replace(value, "'", "''")
and then wondering why there are two apostrophes when he later does
this:
response.write value
makes sense. thanks
"Ray at <%=sLocation%>" <myFirstNameATlane34dotKOMM> wrote in message
news:eh*************@TK2MSFTNGP11.phx.gbl... Think of it this way.
x = "q"
x = replace(x, "q", "aksdjf;adsf")
response.write x
What will you get? You won't get "q."
But what about:
sSQL = "insert into something (col) values ('" & replace(x, "q",
"kajsdflkjasdf") & "')"
oADO.Execute sSQL
Response.Write x
Since you never changed the value of x, it will still be the original
value. You shouldn't ever change the value of a user input for the sake of
dealing with '.
Ray at home
"middletree" <mi********@htomail.com> wrote in message
news:#1**************@TK2MSFTNGP11.phx.gbl... yes.
"Foo Man Chew" <fo*@man.chew> wrote in message
news:#f**************@TK2MSFTNGP09.phx.gbl... I think he's doing this:
value = replace(value, "'", "''")
and then wondering why there are two apostrophes when he later does this:
response.write value
but you have to change it, before submitting it into the database, right?
Because with those apostrophes there, it won't ever make it into the
database.
"Ray at <%=sLocation%>" <myFirstNameATlane34dotKOMM> wrote in message
news:eh*************@TK2MSFTNGP11.phx.gbl... Think of it this way.
x = "q"
x = replace(x, "q", "aksdjf;adsf")
response.write x
What will you get? You won't get "q."
But what about:
sSQL = "insert into something (col) values ('" & replace(x, "q",
"kajsdflkjasdf") & "')"
oADO.Execute sSQL
Response.Write x
Since you never changed the value of x, it will still be the original
value. You shouldn't ever change the value of a user input for the sake of
dealing with '.
Ray at home
"middletree" <mi********@htomail.com> wrote in message
news:#1**************@TK2MSFTNGP11.phx.gbl... yes.
"Foo Man Chew" <fo*@man.chew> wrote in message
news:#f**************@TK2MSFTNGP09.phx.gbl... I think he's doing this:
value = replace(value, "'", "''")
and then wondering why there are two apostrophes when he later does this:
response.write value
You have to make sure that your apostophes are handled, but you don't have
to change any values. You do:
sSQL = "insert into theTable (column) values ('" & SafeIn(theVar) & "')"
The value of theVar never changes. Does it matter? Sometimes yes,
sometimes no. But it's a pain if you change any values in your code,
because someone will later say "can you have the information e-mailed to me
also?" Then you have to alter your code to get rid of the doubled
apostrophes or rewrite your code or something.
Ray at home
"middletree" <mi********@htomail.com> wrote in message
news:Or**************@tk2msftngp13.phx.gbl... but you have to change it, before submitting it into the database, right?
Because with those apostrophes there, it won't ever make it into the
database.
"Ray at <%=sLocation%>" <myFirstNameATlane34dotKOMM> wrote in message
news:eh*************@TK2MSFTNGP11.phx.gbl... Think of it this way.
x = "q"
x = replace(x, "q", "aksdjf;adsf")
response.write x
What will you get? You won't get "q."
But what about:
sSQL = "insert into something (col) values ('" & replace(x, "q",
"kajsdflkjasdf") & "')"
oADO.Execute sSQL
Response.Write x
Since you never changed the value of x, it will still be the original
value. You shouldn't ever change the value of a user input for the sake of
dealing with '.
Ray at home
"middletree" <mi********@htomail.com> wrote in message
news:#1**************@TK2MSFTNGP11.phx.gbl... yes.
"Foo Man Chew" <fo*@man.chew> wrote in message
news:#f**************@TK2MSFTNGP09.phx.gbl...
> I think he's doing this:
>
> value = replace(value, "'", "''")
>
> and then wondering why there are two apostrophes when he later does
this: >
> response.write value
>
>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: middletree |
last post by:
I know this is a very commonly asked question, but I can't find a solution
anywhere that I have looked.
I need to take the text that will be typed in paragraph form by the user
(textarea field)...
|
by: Michael Sterling |
last post by:
i'm using delphi 7 and have a query in which i'm trying to find names
that have an apostrophe in them, i.e. "o'mally". my problem is that
when i write my select statement i can't get the quotes...
|
by: Richard Hollenbeck |
last post by:
To prevent future apostrophe bugs and errors, isn't it just simpler to
forbid an apostrophe from being entered into a text field? For example,
couldn't "Alice's Restaurant" be changed to "Alices...
|
by: congngo |
last post by:
Hi all
Every time I export a table into an excel spreadsheet. It has a
leading apostrophe on every cells. This drive me nut. I have to do a
work around by export table into a txt file than...
|
by: spacehopper_man |
last post by:
hi -
I am having "apostrophe in sql" problems ;)
I am executing a stored procedure on SQL Server - and passing in a
string parameter.
the string has a single apostrophe in it.
the call...
|
by: Rose |
last post by:
Hi all,
I'm trying to create a clickable link, but the pesky apostrophe is
preventing the link from getting displayed properly. I'm displaying the
contents of a folder (with contains the...
|
by: Tom |
last post by:
Hi, I have some kind of problems with an apostrophe character ('). I would
like to select from DataTable DataRow containing value horses' (with an
apostrophe on the end). But when I do it in an...
|
by: Thomas 'PointedEars' Lahn |
last post by:
Jukka K. Korpela wrote:
IBTD. For example, in English it is customary (and AIUI expected) to use
the character that ’ represents should be used to delimit a quotation
within direct speech...
|
by: Razzbar |
last post by:
I'm working on a bookmarklet that grabs information from a page and
submits it to a server. Yet another social bookmarking application.
I'm having trouble with page titles that include an...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
