Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.

Tip of the Day
Language: Enterprise
Expertise: Beginner
May 21, 2001



Application Security Testing: An Integral Part of DevOps

VBScript Function That Escapes an Entire SQL String

The following is a VBScript function that will escape an entire SQL string, not just individual field values. This is so that ' becomes '' when it's supposed to. The code can be easily converted to Visual Basic, as it was created initially using VB.Net.
Function DString(sSQL)
    Dim DataElements(9999)
    Dim CurrentElement
    Dim LastElement
    Dim NextElement
    Dim All

    For I = 1 To Len(sSQL)
        DataElements(I - 1) = Mid(sSQL, I, 1)
    For I = LBound(DataElements) To UBound(DataElements)
        CurrentElement = DataElements(I)
        If CurrentElement = 
Kevin Swarts
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date