473,320 Members | 1,856 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

SQL - Simple query

147 100+
Hi

I am going 'grey' with this problem! I have the most simple of queries which works fine in SQL server, but won't work on the web page! I'm 99% certain the error is due to the quote symbol (after the number 0.050). Sadly, I need to use a quote symbol as some of my measurements are in inches (others in millimeters)!

When my code runs in SQL server, it works fine and I use (this is a very stripped down version):
Expand|Select|Wrap|Line Numbers
  1. SELECT * FROM View_BoardToBoard WHERE Pitch LIKE '0.050"'
  2.  


The code in my CS webpage is:

Expand|Select|Wrap|Line Numbers
  1.  
  2. string strPitch = "0.050"";
  3. string strSQL = "SELECT * FROM View_BoardToBoard WHERE Pitch LIKE '"+strPitch+"'";
This displays no results! As mentioned above, it must be because of the " (quote) symbol! I obviously can't do:
Expand|Select|Wrap|Line Numbers
  1. string strPitch = "0.050"";
as I'll get a Newline in constant error message!!

Any ideas?
Jun 1 '09 #1
9 2411
balame2004
142 100+
I think use shoud use string strPitch = "0.050""; . Does not it work?
Jun 1 '09 #2
DaveRook
147 100+
Hi

No, that won't work. I can't use the " as an inch symbol because it closes the string!

Any other ideas?
Jun 1 '09 #3
MikeTheBike
639 Expert 512MB
@DaveRook
Hi
Have you tried
Expand|Select|Wrap|Line Numbers
  1. strPitch = "0.050"""
??

MTB
Jun 1 '09 #4
DaveRook
147 100+
Hi Mike,

Sadly, still no luck. When I do that, I get :

CS1002: ; expected

This is a real sod! Normally I would just add the " in the web page, but as the dimensions from the site are either inches or mm, I can't do this!

Any other ideas?

Thanks
Jun 1 '09 #5
DaveRook
147 100+
Hi

Solved - I added the wildcard as it couldn't work it with the quote "


Expand|Select|Wrap|Line Numbers
  1.  string strSQL = "SELECT * FROM View_BoardToBoard WHERE Pitch LIKE '0.050%''
Thanks

Dave
Jun 1 '09 #6
tlhintoq
3,525 Expert 2GB
"your text\" "
In other places where we need to specify a quote within quotes we use the \ symbol, just like other special string characters.
\n\l New line
\t tab
Jun 1 '09 #7
r035198x
13,262 8TB
Better use Parameters for the SQL command. It will take care of all the quoting and provides the first layer of defense against SQL injection.
Jun 2 '09 #8
You could also set a variable to the character code for the quote sign and concatenate it to your string. Something like this:

Expand|Select|Wrap|Line Numbers
  1. ChrQuote = Chr(34)
  2. strPitch = "0.050" & ChrQuote
  3. string strSQL = "SELECT * FROM View_BoardToBoard WHERE Pitch LIKE '" & strPitch & "'";
Jun 3 '09 #9
Frinavale
9,735 Expert Mod 8TB
I was going to recommend the exact same thing as r0.

This article about how to use a database in your program gives an example of how to use parameters.

See this article for more information about Sql Injection Attack.
Jun 3 '09 #10

Sign in to post your reply or Sign up for a free account.

Similar topics

0
by: unixman | last post by:
As usual, it is 2:00am, and I'm pulling my hair out, finally resorting to posting in the newsgroups for help. :) Simple problem, in theory. Given table "map": CREATE TABLE map ( entry_id...
6
by: Eddie Smit | last post by:
field- field- surname town ---- ---- john NY john Vegas john Boston eddie Boston eddie New Orleans eddie NY
2
by: Mrs Howl | last post by:
I have a query that just reads one table and appends to an output table, one-for-one. No criteria. It's not a Total query (i.e. no group by). It normally run run in minutes, but gets horribly...
1
by: j.mandala | last post by:
I created a simple link between two tables in a query. TableA has Social Security numbers stored as Long Integer Data. (I imported this table). The Join is between these two fields Table ...
3
by: Don Sealer | last post by:
I'm guessing this is pretty simple however not simple enough for me. I'm developing a database to track expenses, income, banking transactions, etc. I have a very simple query with four fields,...
2
by: Don Wash | last post by:
Hi All! I've been searching everywhere for a simple sample of producing a bar graph using CrystalReport by specifying SQL Query, and I've found none of it! I find so many complex samples with so...
3
by: John Baker | last post by:
Hi:7 Newby here to ASP, and using the ASP.NET Web Matrix development tool. While that tool looks great for a Newby, I have run into a snag. I have an HTML Text Box which I have named HireInput,...
27
by: one man army | last post by:
Hi All- I am new to PHP. I found FAQTS and the php manual. I am trying this sequence, but getting 'no zip string found:'... PHP Version 4.4.0 $doc = new DomDocument; $res =...
2
by: Fendi Baba | last post by:
I created a person table with various fields such as Suffix, Salutation, etc, Some of these fields may not be mandatory for example suffix. In the actual table itself, I only have a field for...
9
by: Emin | last post by:
Dear Experts, I have a fairly simple query in which adding a where clause slows things down by at least a factor of 100. The following is the slow version of the query ...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.