To any who might be able to help this is the situation.I have a
dropdown list that gets populated from SQL. It contains both single and
double quotes. It populates the dropdown list just fine. I create a
variable and assign its value to whatever is the selected value of the
dropdown list control. (Line 1) Based on that variable I use it to
search for another item in the table, then populate a Gridview (Lines
19-26). The problem (I think) is that since the variable
(sProductDescripton) has single and double quotes, when it is used in
the query statement the quotes are not being 'seen'. (Line 12) Below is
my code:
1 Dim sProductDescripton As String =
Me.ddlProduct.SelectedValue
2 Dim sDistrict As String = Me.ddlDivision.SelectedValue
3 Dim sProductType As String = Me.ddlProdType.SelectedValue
4 Dim sPart As String = "Panel"
5
6 Dim myConn As New SqlConnection
7 Dim myCmd As New SqlCommand
8 Dim sSQL As String
9 Dim sConn As String
12 sSQL = "select NAME, PART from POP_PRODUCT where TYPE=
'" & sProductType & "' and PART= '" & sPart & "' and DISTRICT= '" &
sDistrict & "' and NAME='" & sProductDescripton & "'"
13 sConn = "Server=USFBGDXPP196\SQLEXPRESS;Initial
Catalog=APPS;Integrated Security=True"
14
15 myConn = New SqlConnection(sConn)
16 myConn.Open()
17 myCmd = New SqlCommand(sSQL, myConn)
18
19 Dim dSet As New Data.DataSet
20 Dim dView As New Data.DataView
21 Dim myDataAdapter As SqlDataAdapter
22 myDataAdapter = New SqlDataAdapter(sSQL, sConn)
23 myDataAdapter.Fill(dSet)
24
25 Me.gvPanel.DataSource = dSet
26 Me.gvPanel.DataBind()
27
28 myCmd.Dispose()
29 myConn.Close()
Could anyone offer any suggestions?
