
Tip of the Day
Language: Enterprise, Web
Expertise: All
Jun 25, 1999



Beware of Single Quotes When Working With SQL

When you build a SQL statement such as INSERT by concatenation, you may have trouble if a field value contains an apostrophe ('), as in "Commedia Dell'Arte." SQL treats the apostrophe as the delimiter that ends the string. You can avoid the problem by using the VBScript Replace() function to clean up the string. For example, this code replaces each single apostrophe with two apostrophes:

sText = "Commedia Dell'Arte"
' Double each apostrophe so SQL reads it as a literal character, not a delimiter
sText = Replace(sText, "'", "''")

Then use sText to concatenate your SQL statement, instead of the single-apostrophe version.

Ken Cox
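
Doubling apostrophes fixes the syntax error; binding the value as a parameter keeps it out of the SQL text altogether, so no escaping is needed. The following is an added example, not part of the original tip, written in Python with an in-memory SQLite database standing in for the tip's VBScript setting; the `plays` table and all function names are assumptions made for illustration.

```python
import sqlite3


def escape_quotes(text):
    """Same effect as the tip's VBScript Replace(sText, "'", "''")."""
    return text.replace("'", "''")


def insert_concatenated(conn, title, escape):
    """Build the INSERT by string concatenation, as the tip describes."""
    value = escape_quotes(title) if escape else title
    sql = "INSERT INTO plays (title) VALUES ('" + value + "')"
    try:
        conn.execute(sql)
        return "ok"
    except sqlite3.Error as exc:
        # The unescaped apostrophe ends the string literal early.
        return "error: " + str(exc)


def insert_parameterized(conn, title):
    """Bind the value; the driver passes it as data, never as SQL text."""
    conn.execute("INSERT INTO plays (title) VALUES (?)", (title,))
    return "ok"


def demo():
    conn = sqlite3.connect(":memory:")  # constructed sample database
    conn.execute("CREATE TABLE plays (title TEXT)")
    title = "Commedia Dell'Arte"  # the value used in the tip
    results = {
        "raw": insert_concatenated(conn, title, escape=False),
        "escaped": insert_concatenated(conn, title, escape=True),
        "bound": insert_parameterized(conn, title),
    }
    stored = [row[0] for row in conn.execute("SELECT title FROM plays")]
    conn.close()
    return results, stored


if __name__ == "__main__":
    results, stored = demo()
    for name, outcome in results.items():
        print(name, "->", outcome)
    print("stored rows:", stored)
```

Both the escaped and the bound insert store the title with its single apostrophe intact; only the raw concatenation fails.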