I have set-up a database through ASP that allows the site's owner to login into an Admin section and using a WYSIWYG editor dynamically change content on the site. The Editor I am using is TinyMCE.
Where I have an issue is, when the editor uses ' or " within their text blob, I get a MySQL error...
Microsoft OLE DB Provider for ODBC DriversWhich I assume is because the first time an apostrophe or quotes is used, MySQL feels that is the end of the statement, and doesn't understand how to handle the rest of the content spewed from the WYSIWYG editor.
error '80004005'
[MySQL][ODBC 3.51 Driver][mysqld-4.1.22-max-log]SQLBindParameter not used for all parameters
admin/message.asp, line 66
My ASP coding to handle the updated text blob is, teh variable Content being the WYSIWYG output, and MessageName, is the section of the site they are editing...
Expand|Select|Wrap|Line Numbers
- query="UPDATE message SET Content='"&Content&"' WHERE MessageName='"&Message&"'"
- set(upd)=oConn.execute(query)