Hi,
I read the thread (2/16/05) regarding a replace function in C# however it
didn't answer my question. I have a string which is building an insert sql
statement and I would like to replace apostrophes of the form fields. I was
trying to do something like this:
string sqlInsertEmails = "insert into tblContent (content, subject) values
('" + Replace(txtBody.Text,"'","''") + "', '" +
Replace(txtSubject.Text,"'","''") + "')";
How can I replace the apostrophe of the form fields (i.e. txtBody.Text)
instead of running a replace function on the entire insert sql statement
which would replace the apostrophes that are needed in the sql statement?
Thanks,
Andy 3 5435
I'm confused. In the code you just posted, you are not calling the
String.Replace() for the entire SQL statement. You are replacing the values
of 2 textboxes, which is what you seem to be asking how to do. Of course,
your example is an unholy mixture of C# and VB syntax. It should read:
string sqlInsertEmails = "insert into tblContent (content, subject) values
"'" +
txtBody.Text.Replace("'", "''") + "', '" +
txtSubject.Text.Replace("'", "''") + "'";
--
HTH,
Kevin Spencer
Microsoft MVP
..Net Developer
Neither a follower nor a lender be.
"Andy Sutorius" <an**@sutorius.com> wrote in message
news:JK*********************@twister.southeast.rr. com... Hi,
I read the thread (2/16/05) regarding a replace function in C# however it didn't answer my question. I have a string which is building an insert sql statement and I would like to replace apostrophes of the form fields. I was trying to do something like this:
string sqlInsertEmails = "insert into tblContent (content, subject) values ('" + Replace(txtBody.Text,"'","''") + "', '" + Replace(txtSubject.Text,"'","''") + "')";
How can I replace the apostrophe of the form fields (i.e. txtBody.Text) instead of running a replace function on the entire insert sql statement which would replace the apostrophes that are needed in the sql statement?
Thanks,
Andy
Andy:
I'm going to answer this in two parts.
First to answer your question:
"insert into xxx (content, subject) values ('" + txtBody.Text.Replace("'",
"''") + "', '" ....
Secondly, consider using parameterized values instead of concatenation like
this. Do:
someCommand.CommandText = "insert into xxx (content, subject) values (@body,
@subject)"
someCommand.Parameters.Add("@Body", SqlDbType.VarChar, 2048).Value =
txtBody.Text
someCommand.Parameters.Add("@Subject", SqlDbType.VarChar, 128).Value =
txtSibject.Text
you don't need to worry about replace single quotes this way, it provides
more security and can be far more easily replaced with a stored procedure...
Karl
--
MY ASP.Net tutorials http://www.openmymind.net/
"Andy Sutorius" <an**@sutorius.com> wrote in message
news:JK*********************@twister.southeast.rr. com... Hi,
I read the thread (2/16/05) regarding a replace function in C# however it didn't answer my question. I have a string which is building an insert sql statement and I would like to replace apostrophes of the form fields. I
was trying to do something like this:
string sqlInsertEmails = "insert into tblContent (content, subject) values ('" + Replace(txtBody.Text,"'","''") + "', '" + Replace(txtSubject.Text,"'","''") + "')";
How can I replace the apostrophe of the form fields (i.e. txtBody.Text) instead of running a replace function on the entire insert sql statement which would replace the apostrophes that are needed in the sql statement?
Thanks,
Andy
Kevin and Karl,
Thank you!
Andy
"Karl Seguin" <karl REMOVE @ REMOVE openmymind REMOVEMETOO . ANDME net>
wrote in message news:%2****************@TK2MSFTNGP12.phx.gbl... Andy: I'm going to answer this in two parts.
First to answer your question:
"insert into xxx (content, subject) values ('" + txtBody.Text.Replace("'", "''") + "', '" ....
Secondly, consider using parameterized values instead of concatenation
like this. Do:
someCommand.CommandText = "insert into xxx (content, subject) values
(@body, @subject)" someCommand.Parameters.Add("@Body", SqlDbType.VarChar, 2048).Value = txtBody.Text someCommand.Parameters.Add("@Subject", SqlDbType.VarChar, 128).Value = txtSibject.Text
you don't need to worry about replace single quotes this way, it provides more security and can be far more easily replaced with a stored
procedure... Karl
-- MY ASP.Net tutorials http://www.openmymind.net/
"Andy Sutorius" <an**@sutorius.com> wrote in message news:JK*********************@twister.southeast.rr. com... Hi,
I read the thread (2/16/05) regarding a replace function in C# however
it didn't answer my question. I have a string which is building an insert
sql statement and I would like to replace apostrophes of the form fields. I was trying to do something like this:
string sqlInsertEmails = "insert into tblContent (content, subject)
values ('" + Replace(txtBody.Text,"'","''") + "', '" + Replace(txtSubject.Text,"'","''") + "')";
How can I replace the apostrophe of the form fields (i.e. txtBody.Text) instead of running a replace function on the entire insert sql statement which would replace the apostrophes that are needed in the sql
statement? Thanks,
Andy
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: tgh003 |
last post by:
I need to replace a number in a string
str = "http://www.example.com?test=1&cat=0&ref=123213123213";
I want to replace the 0 after the cat= part with a new number. 0 could
be any number...
|
by: galsaba |
last post by:
I just found out that Replace Function exists in Access XP (as part of
MS Office), but does not exist in Access 2000 (as part of access 2000).
Any idea how I can resolve it? Does access 2000 has an...
|
by: pembed2003 |
last post by:
Hi all,
I need to write a function to search and replace part of a char*
passed in to the function. I came up with the following:
char* search_and_replace(char* source,char search,char*...
|
by: Paul |
last post by:
hi, there,
for example,
char *mystr="##this is##a examp#le";
I want to replace all the "##" in mystr with "****". How can I do this?
I checked all the string functions in C, but did not...
|
by: Joe HM |
last post by:
Hello -
I have the following very simple code ...
Dim lStringA As String = ""
Dim lStringB As String = ""
....
lStringB = Replace(lStringA, "DUMMY", "", Compare:=CompareMethod.Text)
|
by: int main(void) |
last post by:
Hi all,
Following is my attempt to write a string search and replace
function.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>...
|
by: denoxis |
last post by:
Hi,
I have a mystery to solve. It is a mystery because it happens randomly.
In the ASP page that is in question, I build a large string (no more
than 10K) which is basically an email...
|
by: V S Rawat |
last post by:
I was trying to use back-to-back replace functions to convert a url:
str1 =
str.replace("%2F","/").replace("%3F","?").replace("%3D","=").replace("%2
6","&");
It didn't replace all 4 types of...
|
by: SirCodesALot |
last post by:
Hi All,
I am trying to dynamically replace a table in the dom, anyone have an
idea on how to do this.
here is some sample suedo code of what I want to do.
var tableHTML = "<table...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
| |