By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
432,245 Members | 884 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 432,245 IT Pros & Developers. It's quick & easy.

Server.URLEncode :-(

P: n/a
Hi there,

I am having trouble with some data that is ripped from a SQL database and
displayed as a hyperlink.
The hyperlink inserts the data into a querystring so the next page can read
it.

However, some of the data has apostrophies (') in it, so the page does not
redirect properly (invalid syntax) because of the apostrophy.
so i tried to use the URL encode to get around this to no avail - it doesnt
work.
The hyperlink is as follows, is this correct - if so why aint it working
:-( ? and is this the "best" way to get around this problem?

*****

<a href= "page2.asp?DATA=<% server.URLEncode(=RS("Value"))%>"><%
=RS("Value")%></a>

*****

Thanks
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
Jul 19 '05 #1
Share this Question
Share on Google+
22 Replies


P: n/a
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:um**************@TK2MSFTNGP09.phx.gbl...
However, some of the data has apostrophies (') in it, so the page does not
redirect properly (invalid syntax) because of the apostrophy.
so i tried to use the URL encode to get around this to no avail - it doesnt work.
The hyperlink is as follows, is this correct - if so why aint it working
:-( ? and is this the "best" way to get around this problem?

*****

<a href= "page2.asp?DATA=<% server.URLEncode(=RS("Value"))%>"><%
=RS("Value")%></a>

*****


You are missing an equal sign or Response.Write statement before
server.URLEncode, and you have an equal sign incorrectly before RS("Value").
Try this:
<a href=
"page2.asp?DATA=<%=server.URLEncode(RS("Value"))%> "><%=RS("Value")%></a>

Regards,
Peter Foti

Jul 19 '05 #2

P: n/a
An apostrophe in a URL shouldn't matter. In what way, "aint it working?"
Do you get an error? What is the value of RS("Value")? What does your link
look like in a view source? When does the error occur? In what code does
the error occur?

Ray at work
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:um**************@TK2MSFTNGP09.phx.gbl...
Hi there,

I am having trouble with some data that is ripped from a SQL database and
displayed as a hyperlink.
The hyperlink inserts the data into a querystring so the next page can read it.

However, some of the data has apostrophies (') in it, so the page does not
redirect properly (invalid syntax) because of the apostrophy.
so i tried to use the URL encode to get around this to no avail - it doesnt work.
The hyperlink is as follows, is this correct - if so why aint it working
:-( ? and is this the "best" way to get around this problem?

*****

<a href= "page2.asp?DATA=<% server.URLEncode(=RS("Value"))%>"><%
=RS("Value")%></a>

*****

Thanks
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com

Jul 19 '05 #3

P: n/a
OK,

The apostrophy goes fine in the URL. But its when the next page tries to
read it and issue a SELECT statement in accordance to this data that it all
goes pear shaped.

The select statement is as follows.

***
Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & request.querystring("Value") & "'")
***

Even with the URL encode in the URL, the page still errors saying "Incorrect
syntax near 'S'." the data in question is

---> "St Mathew's Park"

Not all the data has an apostrophy, and this works, i just need a universal
solution to make sure the data is ok (i dont fully understand how to
encorporate a Replace function)
Why isnt the URL Encode working in this case???

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
message news:#h**************@TK2MSFTNGP09.phx.gbl...
An apostrophe in a URL shouldn't matter. In what way, "aint it working?"
Do you get an error? What is the value of RS("Value")? What does your link look like in a view source? When does the error occur? In what code does
the error occur?

Ray at work
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:um**************@TK2MSFTNGP09.phx.gbl...
Hi there,

I am having trouble with some data that is ripped from a SQL database and displayed as a hyperlink.
The hyperlink inserts the data into a querystring so the next page can

read
it.

However, some of the data has apostrophies (') in it, so the page does not redirect properly (invalid syntax) because of the apostrophy.
so i tried to use the URL encode to get around this to no avail - it

doesnt
work.
The hyperlink is as follows, is this correct - if so why aint it working
:-( ? and is this the "best" way to get around this problem?

*****

<a href= "page2.asp?DATA=<% server.URLEncode(=RS("Value"))%>"><%
=RS("Value")%></a>

*****

Thanks
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com


Jul 19 '05 #4

P: n/a
You need to replace single quotes with two single quotes.
http://www.aspfaq.com/2035

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:Oy**************@TK2MSFTNGP11.phx.gbl...
OK,

The apostrophy goes fine in the URL. But its when the next page tries to
read it and issue a SELECT statement in accordance to this data that it all goes pear shaped.

The select statement is as follows.

***
Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & request.querystring("Value") & "'")
***

Even with the URL encode in the URL, the page still errors saying "Incorrect syntax near 'S'." the data in question is

---> "St Mathew's Park"

Not all the data has an apostrophy, and this works, i just need a universal solution to make sure the data is ok (i dont fully understand how to
encorporate a Replace function)
Why isnt the URL Encode working in this case???

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
message news:#h**************@TK2MSFTNGP09.phx.gbl...
An apostrophe in a URL shouldn't matter. In what way, "aint it working?"
Do you get an error? What is the value of RS("Value")? What does your link
look like in a view source? When does the error occur? In what code does the error occur?

Ray at work
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:um**************@TK2MSFTNGP09.phx.gbl...
Hi there,

I am having trouble with some data that is ripped from a SQL database

and displayed as a hyperlink.
The hyperlink inserts the data into a querystring so the next page can

read
it.

However, some of the data has apostrophies (') in it, so the page does not
redirect properly (invalid syntax) because of the apostrophy.
so i tried to use the URL encode to get around this to no avail - it

doesnt
work.
The hyperlink is as follows, is this correct - if so why aint it

working :-( ? and is this the "best" way to get around this problem?

*****

<a href= "page2.asp?DATA=<% server.URLEncode(=RS("Value"))%>"><%
=RS("Value")%></a>

*****

Thanks
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com



Jul 19 '05 #5

P: n/a
have "tried" to implement this before, but i cant get it to work, im not
entirely sure where to put it (in the hyperlink or the SELECT statement???)

How can i fit this into my code in order to ignore the apostrophy carried
accross in the URL.

sorry, i am new to ASP

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:eY**************@TK2MSFTNGP09.phx.gbl...
You need to replace single quotes with two single quotes.
http://www.aspfaq.com/2035

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:Oy**************@TK2MSFTNGP11.phx.gbl...
OK,

The apostrophy goes fine in the URL. But its when the next page tries to
read it and issue a SELECT statement in accordance to this data that it all
goes pear shaped.

The select statement is as follows.

***
Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & request.querystring("Value") & "'")
***

Even with the URL encode in the URL, the page still errors saying

"Incorrect
syntax near 'S'." the data in question is

---> "St Mathew's Park"

Not all the data has an apostrophy, and this works, i just need a

universal
solution to make sure the data is ok (i dont fully understand how to
encorporate a Replace function)
Why isnt the URL Encode working in this case???

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Ray at <%=sLocation%> [MVP]" <myfirstname at lane34 dot com> wrote in
message news:#h**************@TK2MSFTNGP09.phx.gbl...
An apostrophe in a URL shouldn't matter. In what way, "aint it working?" Do you get an error? What is the value of RS("Value")? What does your
link
look like in a view source? When does the error occur? In what code does the error occur?

Ray at work
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:um**************@TK2MSFTNGP09.phx.gbl...
> Hi there,
>
> I am having trouble with some data that is ripped from a SQL
database
and
> displayed as a hyperlink.
> The hyperlink inserts the data into a querystring so the next page

can read
> it.
>
> However, some of the data has apostrophies (') in it, so the page

does
not
> redirect properly (invalid syntax) because of the apostrophy.
> so i tried to use the URL encode to get around this to no avail - it
doesnt
> work.
> The hyperlink is as follows, is this correct - if so why aint it

working > :-( ? and is this the "best" way to get around this problem?
>
> *****
>
> <a href= "page2.asp?DATA=<% server.URLEncode(=RS("Value"))%>"><%
> =RS("Value")%></a>
>
> *****
>
> Thanks
> --
> Thanks in advance
>
> Fawke
>
> Please remove ANTI and SPAM
> from my email address before emailing me.
>
> www.bradflack.com
>
>



Jul 19 '05 #6

P: n/a
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:O6**************@TK2MSFTNGP10.phx.gbl...
have "tried" to implement this before, but i cant get it to work, im not
entirely sure where to put it (in the hyperlink or the SELECT statement???)
How can i fit this into my code in order to ignore the apostrophy carried
accross in the URL.


Did you see my other post? The problem that I saw was that you had the
equal sign in the wrong spot. Your code should looked like this:
<a href=
"page2.asp?DATA=<%=server.URLEncode(RS("Value"))%> "><%=RS("Value")%></a>

And then on the page that processes it:
Function sql_quote(str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & sql_quote(request.querystring("Value")) & "'")

Regards,
Peter Foti
Jul 19 '05 #7

P: n/a
that doesnt work tho, it completely ignores it and still generates a '
i cant get this damn thing to work, its not your fault, im sure im doing
something wrong here.

The page with the link (with the apostrophy) -
****page1.asp****

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")

'incorrect link looks like - St Mathew's - when clicked -

<a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
=RS("value1")%></a>

****************
Then on page2.asp

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
****************
and so on like that.........................
Page 1 gets the data in accordance to what is selected from an initial list
box, and displays the entries (inc. the one with the apostrophy). The link
is clicked and goes to Page 2 and so on............

Hope this clears it up a bit?
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:O6**************@TK2MSFTNGP10.phx.gbl...
have "tried" to implement this before, but i cant get it to work, im not
entirely sure where to put it (in the hyperlink or the SELECT

statement???)

How can i fit this into my code in order to ignore the apostrophy carried accross in the URL.


Did you see my other post? The problem that I saw was that you had the
equal sign in the wrong spot. Your code should looked like this:
<a href=
"page2.asp?DATA=<%=server.URLEncode(RS("Value"))%> "><%=RS("Value")%></a>

And then on the page that processes it:
Function sql_quote(str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & sql_quote(request.querystring("Value")) & "'")

Regards,
Peter Foti

Jul 19 '05 #8

P: n/a
You know what? You would reduce a lot of complexity by using primary keys
such as a numeric identifier and passing them from page to page. I'm going
in circles here trying to figure out where you're losing the repeated
apostrophe. This wouldn't happen with numbers.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
that doesnt work tho, it completely ignores it and still generates a '
i cant get this damn thing to work, its not your fault, im sure im doing
something wrong here.

The page with the link (with the apostrophy) -
****page1.asp****

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")

'incorrect link looks like - St Mathew's - when clicked -

<a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
=RS("value1")%></a>

****************
Then on page2.asp

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
****************
and so on like that.........................
Page 1 gets the data in accordance to what is selected from an initial list box, and displays the entries (inc. the one with the apostrophy). The link
is clicked and goes to Page 2 and so on............

Hope this clears it up a bit?
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:O6**************@TK2MSFTNGP10.phx.gbl...
have "tried" to implement this before, but i cant get it to work, im not entirely sure where to put it (in the hyperlink or the SELECT

statement???)

How can i fit this into my code in order to ignore the apostrophy carried accross in the URL.


Did you see my other post? The problem that I saw was that you had the
equal sign in the wrong spot. Your code should looked like this:
<a href=
"page2.asp?DATA=<%=server.URLEncode(RS("Value"))%> "><%=RS("Value")%></a>

And then on the page that processes it:
Function sql_quote(str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & sql_quote(request.querystring("Value")) & "'")

Regards,
Peter Foti


Jul 19 '05 #9

P: n/a
I agree, however i didnt design the database and it would be imposible now
to enforce such a move. I appreciate your help on this and you're right, it
would be alot easier to use numbers. Not possible though, All i want to do
is remove the bloody thing !!! :-(

Sorry and thanks again

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:Oy**************@TK2MSFTNGP11.phx.gbl...
You know what? You would reduce a lot of complexity by using primary keys
such as a numeric identifier and passing them from page to page. I'm going in circles here trying to figure out where you're losing the repeated
apostrophe. This wouldn't happen with numbers.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
that doesnt work tho, it completely ignores it and still generates a '
i cant get this damn thing to work, its not your fault, im sure im doing
something wrong here.

The page with the link (with the apostrophy) -
****page1.asp****

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")

'incorrect link looks like - St Mathew's - when clicked -

<a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
=RS("value1")%></a>

****************
Then on page2.asp

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
****************
and so on like that.........................
Page 1 gets the data in accordance to what is selected from an initial

list
box, and displays the entries (inc. the one with the apostrophy). The link
is clicked and goes to Page 2 and so on............

Hope this clears it up a bit?
--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:O6**************@TK2MSFTNGP10.phx.gbl...
> have "tried" to implement this before, but i cant get it to work, im

not > entirely sure where to put it (in the hyperlink or the SELECT
statement???)
>
> How can i fit this into my code in order to ignore the apostrophy

carried
> accross in the URL.

Did you see my other post? The problem that I saw was that you had the equal sign in the wrong spot. Your code should looked like this:
<a href=
"page2.asp?DATA=<%=server.URLEncode(RS("Value"))%> "><%=RS("Value")%></a>
And then on the page that processes it:
Function sql_quote(str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM VIEW1 WHERE
VIEW1.COL3='" & sql_quote(request.querystring("Value")) & "'")

Regards,
Peter Foti



Jul 19 '05 #10

P: n/a
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
that doesnt work tho, it completely ignores it and still generates a '
i cant get this damn thing to work, its not your fault, im sure im doing
something wrong here.

The page with the link (with the apostrophy) -
****page1.asp****

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")

'incorrect link looks like - St Mathew's - when clicked -

<a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
=RS("value1")%></a>

****************
Then on page2.asp

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
****************
and so on like that.........................

You're making this difficult to debug... which is the correct querystring
variable name, "value" or "value1"? On page1.asp you called it "value" and
on page 2 you are trying to reference "value1". In addition, you used the
fieldnames "COL1" and "COL2" in the query above that. WHICH IS IT??? Also,
your query on page2.asp is pulling from table "view2", but using a value
from "view1"???? Are these cut and paste errors?

Peter
PS- Odd naming convention (giving the sql_quote function all uppercase
letters... very strange).
Jul 19 '05 #11

P: n/a
I think if Fawke101 were to use real column/parameter names instead of
kludging it up with this COL1/COL2 nonsense we'd get to the bottom of this a
lot quicker.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
that doesnt work tho, it completely ignores it and still generates a '
i cant get this damn thing to work, its not your fault, im sure im doing
something wrong here.

The page with the link (with the apostrophy) -
****page1.asp****

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")

'incorrect link looks like - St Mathew's - when clicked -

<a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
=RS("value1")%></a>

****************
Then on page2.asp

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
****************
and so on like that.........................

You're making this difficult to debug... which is the correct querystring
variable name, "value" or "value1"? On page1.asp you called it "value"

and on page 2 you are trying to reference "value1". In addition, you used the
fieldnames "COL1" and "COL2" in the query above that. WHICH IS IT??? Also, your query on page2.asp is pulling from table "view2", but using a value
from "view1"???? Are these cut and paste errors?

Peter
PS- Odd naming convention (giving the sql_quote function all uppercase
letters... very strange).

Jul 19 '05 #12

P: n/a
jesus man, i didnt mean to annoy anyone.
Il post the "actual" code.

The reason that the 2 select statements differ, is because the data is
coming from a different view etc.
On page1.asp the data comes from view1 etc. The value of that data is put
into a querystring in order for page2.asp (which gets its data from ANOTHER
view - view2) to proccess the data.
I will paste my code up here without the naming ammendments, just thought
it'd be easier (clearly not).

Apologies once again for annoying you guys

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:ei**************@TK2MSFTNGP10.phx.gbl...
I think if Fawke101 were to use real column/parameter names instead of
kludging it up with this COL1/COL2 nonsense we'd get to the bottom of this a lot quicker.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message
news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
that doesnt work tho, it completely ignores it and still generates a '
i cant get this damn thing to work, its not your fault, im sure im doing something wrong here.

The page with the link (with the apostrophy) -
****page1.asp****

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")

'incorrect link looks like - St Mathew's - when clicked -

<a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
=RS("value1")%></a>

****************
Then on page2.asp

Function SQL_QUOTE (str)
SQL_QUOTE = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
****************
and so on like that.........................

You're making this difficult to debug... which is the correct querystring variable name, "value" or "value1"? On page1.asp you called it "value"

and
on page 2 you are trying to reference "value1". In addition, you used the fieldnames "COL1" and "COL2" in the query above that. WHICH IS IT???

Also,
your query on page2.asp is pulling from table "view2", but using a value
from "view1"???? Are these cut and paste errors?

Peter
PS- Odd naming convention (giving the sql_quote function all uppercase
letters... very strange).


Jul 19 '05 #13

P: n/a
Note i havent implemented the function or the Server URLEncode because it
doesnt work, this is my code as it stands now.

****Summary_Area.asp(Page1)******

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") & "'")
do until RS.EOF
%>
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< %
=RS("manager")%></a>

<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

********************************
****Summary_Manager.asp(Page2)****

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income
FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")
do until RS.EOF

<a href=
"summary_assistant_manager.asp?assistant_manager=< %=RS("assistant_manager")%
"><% =RS ("assistant_manager")%></a>
<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

*******************************
To get to page1 you select an area from a list box and click submit. data is
arranged in accordance to the selection. A list of managers are listed for
that area, along with their customers and income. If you click on the
manager you go to page 2 and get a breakdown of the assistant manager/s for
that manager and so on and so on.......

I hope this has made it a bit clearer.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:#E**************@tk2msftngp13.phx.gbl... jesus man, i didnt mean to annoy anyone.
Il post the "actual" code.

The reason that the 2 select statements differ, is because the data is
coming from a different view etc.
On page1.asp the data comes from view1 etc. The value of that data is put
into a querystring in order for page2.asp (which gets its data from ANOTHER view - view2) to proccess the data.
I will paste my code up here without the naming ammendments, just thought
it'd be easier (clearly not).

Apologies once again for annoying you guys

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:ei**************@TK2MSFTNGP10.phx.gbl...
I think if Fawke101 were to use real column/parameter names instead of
kludging it up with this COL1/COL2 nonsense we'd get to the bottom of this
a
lot quicker.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in message news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
> that doesnt work tho, it completely ignores it and still generates a ' > i cant get this damn thing to work, its not your fault, im sure im doing > something wrong here.
>
> The page with the link (with the apostrophy) -
> ****page1.asp****
>
> Function SQL_QUOTE (str)
> SQL_QUOTE = Replace(str,"'","''")
> End Function
>
> Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
> view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")
>
> 'incorrect link looks like - St Mathew's - when clicked -
>
> <a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
> =RS("value1")%></a>
>
> ****************
> Then on page2.asp
>
> Function SQL_QUOTE (str)
> SQL_QUOTE = Replace(str,"'","''")
> End Function
>
> Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
> view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
> ****************
> and so on like that.........................
You're making this difficult to debug... which is the correct querystring variable name, "value" or "value1"? On page1.asp you called it "value" and
on page 2 you are trying to reference "value1". In addition, you used the fieldnames "COL1" and "COL2" in the query above that. WHICH IS IT???

Also,
your query on page2.asp is pulling from table "view2", but using a

value from "view1"???? Are these cut and paste errors?

Peter
PS- Odd naming convention (giving the sql_quote function all uppercase
letters... very strange).



Jul 19 '05 #14

P: n/a
Fawke, which page - and which line - are you actually getting an error on?

"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:%2***************@TK2MSFTNGP10.phx.gbl...
Note i havent implemented the function or the Server URLEncode because it
doesnt work, this is my code as it stands now.

****Summary_Area.asp(Page1)******

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") & "'")
do until RS.EOF
%>
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< %
=RS("manager")%></a>

<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

********************************
****Summary_Manager.asp(Page2)****

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")
do until RS.EOF

<a href=
"summary_assistant_manager.asp?assistant_manager=< %=RS("assistant_manager")%
"><% =RS ("assistant_manager")%></a>


<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

*******************************
To get to page1 you select an area from a list box and click submit. data

is arranged in accordance to the selection. A list of managers are listed for
that area, along with their customers and income. If you click on the
manager you go to page 2 and get a breakdown of the assistant manager/s for that manager and so on and so on.......

I hope this has made it a bit clearer.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:#E**************@tk2msftngp13.phx.gbl...
jesus man, i didnt mean to annoy anyone.
Il post the "actual" code.

The reason that the 2 select statements differ, is because the data is
coming from a different view etc.
On page1.asp the data comes from view1 etc. The value of that data is put
into a querystring in order for page2.asp (which gets its data from ANOTHER
view - view2) to proccess the data.
I will paste my code up here without the naming ammendments, just thought it'd be easier (clearly not).

Apologies once again for annoying you guys

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:ei**************@TK2MSFTNGP10.phx.gbl...
I think if Fawke101 were to use real column/parameter names instead of
kludging it up with this COL1/COL2 nonsense we'd get to the bottom of this
a
lot quicker.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in

message news:10*************@corp.supernews.com...
> "Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
> news:ej**************@TK2MSFTNGP09.phx.gbl...
> > that doesnt work tho, it completely ignores it and still generates a '
> > i cant get this damn thing to work, its not your fault, im sure im

doing
> > something wrong here.
> >
> > The page with the link (with the apostrophy) -
> > ****page1.asp****
> >
> > Function SQL_QUOTE (str)
> > SQL_QUOTE = Replace(str,"'","''")
> > End Function
> >
> > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1
WHERE > > view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")
> >
> > 'incorrect link looks like - St Mathew's - when clicked -
> >
> > <a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
> > =RS("value1")%></a>
> >
> > ****************
> > Then on page2.asp
> >
> > Function SQL_QUOTE (str)
> > SQL_QUOTE = Replace(str,"'","''")
> > End Function
> >
> > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE > > view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
> > ****************
> > and so on like that.........................
>
>
> You're making this difficult to debug... which is the correct

querystring
> variable name, "value" or "value1"? On page1.asp you called it

"value" and
> on page 2 you are trying to reference "value1". In addition, you used the
> fieldnames "COL1" and "COL2" in the query above that. WHICH IS
IT??? Also,
> your query on page2.asp is pulling from table "view2", but using a

value > from "view1"???? Are these cut and paste errors?
>
> Peter
> PS- Odd naming convention (giving the sql_quote function all uppercase > letters... very strange).
>
>



Jul 19 '05 #15

P: n/a
OK, on page 1, when i click the link that has the apostrophy in -

******
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< %
=RS("manager")%></a> ******

I get a invalid syntax near 'S' error. this is the link that links to page
2, but only the one with the apostrophy is erroring.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Randy Rahbar" <rvrahbar@_JUNKETY_JUNK_hotmail.com> wrote in message
news:uW**************@TK2MSFTNGP11.phx.gbl...
Fawke, which page - and which line - are you actually getting an error on?

"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:%2***************@TK2MSFTNGP10.phx.gbl...
Note i havent implemented the function or the Server URLEncode because it doesnt work, this is my code as it stands now.

****Summary_Area.asp(Page1)******

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") & "'") do until RS.EOF
%>
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< %
=RS("manager")%></a>

<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

********************************
****Summary_Manager.asp(Page2)****

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income
FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")
do until RS.EOF

<a href=

"summary_assistant_manager.asp?assistant_manager=< %=RS("assistant_manager")%
"><% =RS ("assistant_manager")%></a>


<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

*******************************
To get to page1 you select an area from a list box and click submit. data is
arranged in accordance to the selection. A list of managers are listed for that area, along with their customers and income. If you click on the
manager you go to page 2 and get a breakdown of the assistant manager/s for
that manager and so on and so on.......

I hope this has made it a bit clearer.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:#E**************@tk2msftngp13.phx.gbl...
jesus man, i didnt mean to annoy anyone.
Il post the "actual" code.

The reason that the 2 select statements differ, is because the data is
coming from a different view etc.
On page1.asp the data comes from view1 etc. The value of that data is put into a querystring in order for page2.asp (which gets its data from

ANOTHER
view - view2) to proccess the data.
I will paste my code up here without the naming ammendments, just thought it'd be easier (clearly not).

Apologies once again for annoying you guys

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:ei**************@TK2MSFTNGP10.phx.gbl...
> I think if Fawke101 were to use real column/parameter names instead of > kludging it up with this COL1/COL2 nonsense we'd get to the bottom of this
a
> lot quicker.
>
> --
> Aaron Bertrand
> SQL Server MVP
> http://www.aspfaq.com/
>
>
> "Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in

message
> news:10*************@corp.supernews.com...
> > "Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
> > news:ej**************@TK2MSFTNGP09.phx.gbl...
> > > that doesnt work tho, it completely ignores it and still
generates a
'
> > > i cant get this damn thing to work, its not your fault, im sure

im doing
> > > something wrong here.
> > >
> > > The page with the link (with the apostrophy) -
> > > ****page1.asp****
> > >
> > > Function SQL_QUOTE (str)
> > > SQL_QUOTE = Replace(str,"'","''")
> > > End Function
> > >
> > > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1

WHERE > > > view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")
> > >
> > > 'incorrect link looks like - St Mathew's - when clicked -
> > >
> > > <a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><% > > > =RS("value1")%></a>
> > >
> > > ****************
> > > Then on page2.asp
> > >
> > > Function SQL_QUOTE (str)
> > > SQL_QUOTE = Replace(str,"'","''")
> > > End Function
> > >
> > > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE > > > view1.COL3='" & SQL_QUOTE(request.querystring("value1")) & "'")
> > > ****************
> > > and so on like that.........................
> >
> >
> > You're making this difficult to debug... which is the correct
querystring
> > variable name, "value" or "value1"? On page1.asp you called it

"value"
> and
> > on page 2 you are trying to reference "value1". In addition, you used the
> > fieldnames "COL1" and "COL2" in the query above that. WHICH IS IT??? > Also,
> > your query on page2.asp is pulling from table "view2", but using a

value
> > from "view1"???? Are these cut and paste errors?
> >
> > Peter
> > PS- Odd naming convention (giving the sql_quote function all uppercase > > letters... very strange).
> >
> >
>
>



Jul 19 '05 #16

P: n/a
I know this was mentioned in an earlier post and you said it didn't work,
but did you replace apostrophes with double quotes in all your sql
statements? Try this...

On page 1, change this...

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") & "'")

to...

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" &
replace(Session("lstArea"),"'","''") & "'")

On page 2, change this...

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income
FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")

to...

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income
FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
replace(request.querystring("manager"),"'","''") & "'")
Randy

"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
OK, on page 1, when i click the link that has the apostrophy in -

******
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< %
=RS("manager")%></a> ******

I get a invalid syntax near 'S' error. this is the link that links to page
2, but only the one with the apostrophy is erroring.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Randy Rahbar" <rvrahbar@_JUNKETY_JUNK_hotmail.com> wrote in message
news:uW**************@TK2MSFTNGP11.phx.gbl...
Fawke, which page - and which line - are you actually getting an error on?
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:%2***************@TK2MSFTNGP10.phx.gbl...
Note i havent implemented the function or the Server URLEncode because it doesnt work, this is my code as it stands now.

****Summary_Area.asp(Page1)******

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") & "'") do until RS.EOF
%>
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< % =RS("manager")%></a>

<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

********************************
****Summary_Manager.asp(Page2)****

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income
FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")
do until RS.EOF

<a href=

"summary_assistant_manager.asp?assistant_manager=< %=RS("assistant_manager")%
>"><% =RS ("assistant_manager")%></a>

<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

*******************************
To get to page1 you select an area from a list box and click submit. data
is
arranged in accordance to the selection. A list of managers are listed

for that area, along with their customers and income. If you click on the
manager you go to page 2 and get a breakdown of the assistant manager/s for
that manager and so on and so on.......

I hope this has made it a bit clearer.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:#E**************@tk2msftngp13.phx.gbl...
> jesus man, i didnt mean to annoy anyone.
> Il post the "actual" code.
>
> The reason that the 2 select statements differ, is because the data
is > coming from a different view etc.
> On page1.asp the data comes from view1 etc. The value of that data is
put
> into a querystring in order for page2.asp (which gets its data from
ANOTHER
> view - view2) to proccess the data.
> I will paste my code up here without the naming ammendments, just

thought
> it'd be easier (clearly not).
>
> Apologies once again for annoying you guys
>
> --
> Thanks in advance
>
> Fawke
>
> Please remove ANTI and SPAM
> from my email address before emailing me.
>
> www.bradflack.com
> "Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
> news:ei**************@TK2MSFTNGP10.phx.gbl...
> > I think if Fawke101 were to use real column/parameter names
instead of > > kludging it up with this COL1/COL2 nonsense we'd get to the bottom of this
> a
> > lot quicker.
> >
> > --
> > Aaron Bertrand
> > SQL Server MVP
> > http://www.aspfaq.com/
> >
> >
> > "Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in
message
> > news:10*************@corp.supernews.com...
> > > "Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
> > > news:ej**************@TK2MSFTNGP09.phx.gbl...
> > > > that doesnt work tho, it completely ignores it and still generates
a
'
> > > > i cant get this damn thing to work, its not your fault, im
sure im > doing
> > > > something wrong here.
> > > >
> > > > The page with the link (with the apostrophy) -
> > > > ****page1.asp****
> > > >
> > > > Function SQL_QUOTE (str)
> > > > SQL_QUOTE = Replace(str,"'","''")
> > > > End Function
> > > >
> > > > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1

WHERE
> > > > view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")
> > > >
> > > > 'incorrect link looks like - St Mathew's - when clicked -
> > > >
> > > > <a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><% > > > > =RS("value1")%></a>
> > > >
> > > > ****************
> > > > Then on page2.asp
> > > >
> > > > Function SQL_QUOTE (str)
> > > > SQL_QUOTE = Replace(str,"'","''")
> > > > End Function
> > > >
> > > > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2

WHERE
> > > > view1.COL3='" & SQL_QUOTE(request.querystring("value1")) &

"'") > > > > ****************
> > > > and so on like that.........................
> > >
> > >
> > > You're making this difficult to debug... which is the correct
> querystring
> > > variable name, "value" or "value1"? On page1.asp you called it
"value"
> > and
> > > on page 2 you are trying to reference "value1". In addition, you used
> the
> > > fieldnames "COL1" and "COL2" in the query above that. WHICH IS

IT???
> > Also,
> > > your query on page2.asp is pulling from table "view2", but using

a value
> > > from "view1"???? Are these cut and paste errors?
> > >
> > > Peter
> > > PS- Odd naming convention (giving the sql_quote function all

uppercase
> > > letters... very strange).
> > >
> > >
> >
> >
>
>



Jul 19 '05 #17

P: n/a
Hi, thanks for that.

I have tried this and it doesnt work, the incorrect syntax error still
appears as does the apostrophy.
Does it make a difference that its the "manager" column that contains the
apostrophy? as the code you gave seems to replace the "Area" part of it?
Can i incorporate a replace function into the Hyperlink/URL?

Not sure why its not working, did exacly what you said

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Randy Rahbar" <rvrahbar@_JUNKETY_JUNK_hotmail.com> wrote in message
news:#w**************@TK2MSFTNGP09.phx.gbl...
I know this was mentioned in an earlier post and you said it didn't work,
but did you replace apostrophes with double quotes in all your sql
statements? Try this...

On page 1, change this...

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") & "'")

to...

Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM
vw_Summary_Area WHERE vw_Summary_Area.Area='" &
replace(Session("lstArea"),"'","''") & "'")

On page 2, change this...

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")

to...

Set RS = DataConnection.Execute("SELECT assistant_manager, customer, income FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
replace(request.querystring("manager"),"'","''") & "'")
Randy

"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
OK, on page 1, when i click the link that has the apostrophy in -

******
<a href= "summary_manager.asp?manager=<%=RS("manager")%>">< %
> =RS("manager")%></a> ******

I get a invalid syntax near 'S' error. this is the link that links to page
2, but only the one with the apostrophy is erroring.

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Randy Rahbar" <rvrahbar@_JUNKETY_JUNK_hotmail.com> wrote in message
news:uW**************@TK2MSFTNGP11.phx.gbl...
Fawke, which page - and which line - are you actually getting an error on?
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:%2***************@TK2MSFTNGP10.phx.gbl...
> Note i havent implemented the function or the Server URLEncode because it
> doesnt work, this is my code as it stands now.
>
> ****Summary_Area.asp(Page1)******
>
> <%Dim RS
>
> Function sql_quote (str)
> sql_quote = Replace(str,"'","''")
> End Function
>
> Set RS = DataConnection.Execute("SELECT manager, customer, income, FROM > vw_Summary_Area WHERE vw_Summary_Area.Area='" & Session("lstArea") &

"'")
> do until RS.EOF
> %>
> <a href= "summary_manager.asp?manager=<%=RS("manager")%>">< % > =RS("manager")%></a>
>
> <% =RS("customer")%>
>
> <% =formatcurrency(RS("income"),2)%>
>
> <% RS.MoveNext
> Loop %>
>
> ********************************
> ****Summary_Manager.asp(Page2)****
>
> <%Dim RS
>
> Function sql_quote (str)
> sql_quote = Replace(str,"'","''")
> End Function
>
> Set RS = DataConnection.Execute("SELECT assistant_manager, customer,
income
> FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
> request.querystring("manager") & "'")
> do until RS.EOF
>
> <a href=
>

"summary_assistant_manager.asp?assistant_manager=< %=RS("assistant_manager")% > >"><% =RS ("assistant_manager")%></a>
>
> <% =RS("customer")%>
>
> <% =formatcurrency(RS("income"),2)%>
>
> <% RS.MoveNext
> Loop %>
>
> *******************************
> To get to page1 you select an area from a list box and click submit.

data
is
> arranged in accordance to the selection. A list of managers are listed
for
> that area, along with their customers and income. If you click on
the > manager you go to page 2 and get a breakdown of the assistant manager/s for
> that manager and so on and so on.......
>
> I hope this has made it a bit clearer.
>
> --
> Thanks in advance
>
> Fawke
>
> Please remove ANTI and SPAM
> from my email address before emailing me.
>
> www.bradflack.com
> "Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
> news:#E**************@tk2msftngp13.phx.gbl...
> > jesus man, i didnt mean to annoy anyone.
> > Il post the "actual" code.
> >
> > The reason that the 2 select statements differ, is because the data is
> > coming from a different view etc.
> > On page1.asp the data comes from view1 etc. The value of that data is put
> > into a querystring in order for page2.asp (which gets its data
from > ANOTHER
> > view - view2) to proccess the data.
> > I will paste my code up here without the naming ammendments, just
thought
> > it'd be easier (clearly not).
> >
> > Apologies once again for annoying you guys
> >
> > --
> > Thanks in advance
> >
> > Fawke
> >
> > Please remove ANTI and SPAM
> > from my email address before emailing me.
> >
> > www.bradflack.com
> > "Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
> > news:ei**************@TK2MSFTNGP10.phx.gbl...
> > > I think if Fawke101 were to use real column/parameter names
instead
of
> > > kludging it up with this COL1/COL2 nonsense we'd get to the bottom of
> this
> > a
> > > lot quicker.
> > >
> > > --
> > > Aaron Bertrand
> > > SQL Server MVP
> > > http://www.aspfaq.com/
> > >
> > >
> > > "Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote

in > message
> > > news:10*************@corp.supernews.com...
> > > > "Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
> > > > news:ej**************@TK2MSFTNGP09.phx.gbl...
> > > > > that doesnt work tho, it completely ignores it and still

generates
a
> '
> > > > > i cant get this damn thing to work, its not your fault, im

sure
im
> > doing
> > > > > something wrong here.
> > > > >
> > > > > The page with the link (with the apostrophy) -
> > > > > ****page1.asp****
> > > > >
> > > > > Function SQL_QUOTE (str)
> > > > > SQL_QUOTE = Replace(str,"'","''")
> > > > > End Function
> > > > >
> > > > > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1 WHERE
> > > > > view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")
> > > > >
> > > > > 'incorrect link looks like - St Mathew's - when clicked -
> > > > >
> > > > > <a href= "page2.asp?VALUE=<%

=server.urlencode(RS("value1"))%>"><%
> > > > > =RS("value1")%></a>
> > > > >
> > > > > ****************
> > > > > Then on page2.asp
> > > > >
> > > > > Function SQL_QUOTE (str)
> > > > > SQL_QUOTE = Replace(str,"'","''")
> > > > > End Function
> > > > >
> > > > > Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2 WHERE
> > > > > view1.COL3='" & SQL_QUOTE(request.querystring("value1")) &

"'") > > > > > ****************
> > > > > and so on like that.........................
> > > >
> > > >
> > > > You're making this difficult to debug... which is the correct
> > querystring
> > > > variable name, "value" or "value1"? On page1.asp you called it > "value"
> > > and
> > > > on page 2 you are trying to reference "value1". In addition, you used
> > the
> > > > fieldnames "COL1" and "COL2" in the query above that. WHICH IS IT???
> > > Also,
> > > > your query on page2.asp is pulling from table "view2", but
using a > value
> > > > from "view1"???? Are these cut and paste errors?
> > > >
> > > > Peter
> > > > PS- Odd naming convention (giving the sql_quote function all
uppercase
> > > > letters... very strange).
> > > >
> > > >
> > >
> > >
> >
> >
>
>



Jul 19 '05 #18

P: n/a
Let's get this working without the database involved.

page 1:
<a href= "summary_manager.asp?manager=O'Connor">O'Conno r</a>

page 2 (summary_manager.asp):
<%
dim sSQL
response.write request.querystring("manager") & "<BR>"
sSQL = "SELECT assistant_manager, customer, income " & _
FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
request.querystring("manager") & "'")

Response.write sSQL & "<BR>"
%>

When you click the link, the resulting page will look like this:
O'Connor
.... WHERE vw_Summary_Manager.manager='O'Connor'

The problem here is that the query engine will think the apostrophe after
the O is the string delimiter. You need to tell it to treat it as a literal
apostrophe instead of a delimiter by doubling it. Like this:

sSQL = "SELECT assistant_manager, customer, income " & _
FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
Replace(request.querystring("manager"), "'", "''") & "'")

Response.write sSQL & "<BR>"

Now, when you click the link, you should see this:
.... WHERE vw_Summary_Manager.manager='O''Connor'

Always use response.write to test your concatenations.
You can avoid this problem entirely by using a stored procedure (sql server)
or saved parameter query (access) instead of dynamic sql.

http://www.google.com/groups?hl=en&l...2003%26hl%3Den

You can also avoid it by parameterizing your dynamic sql statement and using
a command object to execute it.
http://groups.google.com/groups?q=pa...hx.gbl&rnum=33

Bob Barrows

Fawke101 wrote:
Note i havent implemented the function or the Server URLEncode
because it doesnt work, this is my code as it stands now.

****Summary_Area.asp(Page1)******

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT manager, customer, income,
FROM vw_Summary_Area WHERE vw_Summary_Area.Area='" &
Session("lstArea") & "'") do until RS.EOF
%>
<a href=
"summary_manager.asp?manager=<%=RS("manager")%>">< %
=RS("manager")%></a>

<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

********************************
****Summary_Manager.asp(Page2)****

<%Dim RS

Function sql_quote (str)
sql_quote = Replace(str,"'","''")
End Function

Set RS = DataConnection.Execute("SELECT assistant_manager, customer,
income FROM vw_Summary_Manager WHERE vw_Summary_Manager.manager='" &
request.querystring("manager") & "'")
do until RS.EOF

<a href=

"summary_assistant_manager.asp?assistant_manager=< %=RS("assistant_manager")%
"><% =RS ("assistant_manager")%></a>


<% =RS("customer")%>

<% =formatcurrency(RS("income"),2)%>

<% RS.MoveNext
Loop %>

*******************************
To get to page1 you select an area from a list box and click submit.
data is arranged in accordance to the selection. A list of managers
are listed for that area, along with their customers and income. If
you click on the manager you go to page 2 and get a breakdown of the
assistant manager/s for that manager and so on and so on.......

I hope this has made it a bit clearer.
www.bradflack.com
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:#E**************@tk2msftngp13.phx.gbl...
jesus man, i didnt mean to annoy anyone.
Il post the "actual" code.

The reason that the 2 select statements differ, is because the data
is coming from a different view etc.
On page1.asp the data comes from view1 etc. The value of that data
is put into a querystring in order for page2.asp (which gets its
data from ANOTHER view - view2) to proccess the data.
I will paste my code up here without the naming ammendments, just
thought it'd be easier (clearly not).

Apologies once again for annoying you guys

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Aaron Bertrand [MVP]" <aa***@TRASHaspfaq.com> wrote in message
news:ei**************@TK2MSFTNGP10.phx.gbl...
I think if Fawke101 were to use real column/parameter names instead
of kludging it up with this COL1/COL2 nonsense we'd get to the
bottom of this a lot quicker.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
"Peter Foti" <pe***@Idontwantnostinkingemailfromyou.com> wrote in
message news:10*************@corp.supernews.com...
"Fawke101" <gu*@ANTIbradflack.SPAMcom> wrote in message
news:ej**************@TK2MSFTNGP09.phx.gbl...
> that doesnt work tho, it completely ignores it and still
> generates a ' i cant get this damn thing to work, its not your
> fault, im sure im doing something wrong here.
>
> The page with the link (with the apostrophy) -
> ****page1.asp****
>
> Function SQL_QUOTE (str)
> SQL_QUOTE = Replace(str,"'","''")
> End Function
>
> Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view1
> WHERE view1.COL3='" & SQL_QUOTE(session("lstbox")) & "'")
>
> 'incorrect link looks like - St Mathew's - when clicked -
>
> <a href= "page2.asp?VALUE=<% =server.urlencode(RS("value1"))%>"><%
> =RS("value1")%></a>
>
> ****************
> Then on page2.asp
>
> Function SQL_QUOTE (str)
> SQL_QUOTE = Replace(str,"'","''")
> End Function
>
> Set RS = DataConnection.Execute("SELECT COL1, COL2 FROM view2
> WHERE view1.COL3='" & SQL_QUOTE(request.querystring("value1")) &
> "'") ****************
> and so on like that.........................
You're making this difficult to debug... which is the correct
querystring variable name, "value" or "value1"? On page1.asp you
called it "value" and on page 2 you are trying to reference
"value1". In addition, you used the fieldnames "COL1" and "COL2"
in the query above that. WHICH IS IT??? Also, your query on
page2.asp is pulling from table "view2", but using a value from
"view1"???? Are these cut and paste errors?

Peter
PS- Odd naming convention (giving the sql_quote function all
uppercase letters... very strange).


--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Jul 19 '05 #19

P: n/a
Bob Barrows [MVP] wrote:
Let's get this working without the database involved.
page 2 (summary_manager.asp):
. You need to tell it to treat it as a
literal
apostrophe instead of a delimiter by doubling it. Like this:

sSQL = "SELECT assistant_manager, customer, income " & _
FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
Replace(request.querystring("manager"), "'", "''") & "'")

Response.write sSQL & "<BR>"

Oops - here's the TESTED code:

<%
dim sSQL
response.write request.querystring("manager") & "<BR>"
sSQL = "SELECT assistant_manager, customer, income " & _
"FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
replace(Request.QueryString("manager"),"'","''") & "'"

Response.write sSQL & "<BR>"
%>
Jul 19 '05 #20

P: n/a
Thats great, but the database wont find a record unless it has the
apostrophy? how can i match it up!?

--
Thanks in advance

Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Bob Barrows [MVP]" <re******@NOyahoo.SPAMcom> wrote in message
news:#b**************@tk2msftngp13.phx.gbl...
Bob Barrows [MVP] wrote:
Let's get this working without the database involved.
page 2 (summary_manager.asp):
. You need to tell it to treat it as a
literal
apostrophe instead of a delimiter by doubling it. Like this:

sSQL = "SELECT assistant_manager, customer, income " & _
FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
Replace(request.querystring("manager"), "'", "''") & "'")

Response.write sSQL & "<BR>"

Oops - here's the TESTED code:

<%
dim sSQL
response.write request.querystring("manager") & "<BR>"
sSQL = "SELECT assistant_manager, customer, income " & _
"FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
replace(Request.QueryString("manager"),"'","''") & "'"

Response.write sSQL & "<BR>"
%>

Jul 19 '05 #21

P: n/a
What database are you using?

The sql statement containing the doubled apostrophe DOES contain an
apostrophe. Prove it to yourself:

Open up the query tool in whatever database you are using (query Analyzer
for SQL Server; Query Builder if Access). Copy and paste the sql statement
that resulted from the response.write from the browser window into the query
tool and run it. It should get you your results. Give us more details if it
does not.

Bob Barrows

Fawke101 wrote:
Thats great, but the database wont find a record unless it has the
apostrophy? how can i match it up!?
www.bradflack.com
"Bob Barrows [MVP]" <re******@NOyahoo.SPAMcom> wrote in message
news:#b**************@tk2msftngp13.phx.gbl...
Bob Barrows [MVP] wrote:
Let's get this working without the database involved.
page 2 (summary_manager.asp):
. You need to tell it to treat it as a
literal
apostrophe instead of a delimiter by doubling it. Like this:

sSQL = "SELECT assistant_manager, customer, income " & _
FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
Replace(request.querystring("manager"), "'", "''") & "'")

Response.write sSQL & "<BR>"

Oops - here's the TESTED code:

<%
dim sSQL
response.write request.querystring("manager") & "<BR>"
sSQL = "SELECT assistant_manager, customer, income " & _
"FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
replace(Request.QueryString("manager"),"'","''") & "'"

Response.write sSQL & "<BR>"
%>


--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.
Jul 19 '05 #22

P: n/a
My apologies bob, i replced the apostrophy with "" rather than "''", i didnt
realise the DB would look for a ' when i entered ''. A mistunderstanding on
my part.
I apologise to all who bared with me in this post,

It all working!!

kind regards and thanks to all

--
Fawke

Please remove ANTI and SPAM
from my email address before emailing me.

www.bradflack.com
"Bob Barrows [MVP]" <re******@NOyahoo.SPAMcom> wrote in message
news:OE**************@TK2MSFTNGP11.phx.gbl...
What database are you using?

The sql statement containing the doubled apostrophe DOES contain an
apostrophe. Prove it to yourself:

Open up the query tool in whatever database you are using (query Analyzer
for SQL Server; Query Builder if Access). Copy and paste the sql statement
that resulted from the response.write from the browser window into the query tool and run it. It should get you your results. Give us more details if it does not.

Bob Barrows

Fawke101 wrote:
Thats great, but the database wont find a record unless it has the
apostrophy? how can i match it up!?
www.bradflack.com
"Bob Barrows [MVP]" <re******@NOyahoo.SPAMcom> wrote in message
news:#b**************@tk2msftngp13.phx.gbl...
Bob Barrows [MVP] wrote:
Let's get this working without the database involved.
page 2 (summary_manager.asp):
. You need to tell it to treat it as a
literal
apostrophe instead of a delimiter by doubling it. Like this:

sSQL = "SELECT assistant_manager, customer, income " & _
FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
Replace(request.querystring("manager"), "'", "''") & "'")

Response.write sSQL & "<BR>"

Oops - here's the TESTED code:

<%
dim sSQL
response.write request.querystring("manager") & "<BR>"
sSQL = "SELECT assistant_manager, customer, income " & _
"FROM vw_Summary_Manager " & _
"WHERE vw_Summary_Manager.manager='" & _
replace(Request.QueryString("manager"),"'","''") & "'"

Response.write sSQL & "<BR>"
%>


--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.

Jul 19 '05 #23

This discussion thread is closed

Replies have been disabled for this discussion.