devxlogo

VBScript “Replace” Function

VBScript “Replace” Function

Question:
I am using Microsoft’s Active Server Pages for a web application I am working on. In the application I must take user input (via an html form) and insert and update records in an Access (soon-to-be SQL Server) table. The problem is that if a user’s input contains a ‘ then the sql string used to insert the record into the database blows up. I have tried using the VBScript Replace function to search for all ‘ marks and remove them, but it does not work. Is there any other way to remove these single quote marks?

Answer:
You have a couple of options here. First of all, if you put two singlequotes together, you can store the character in the database and put itthrough your SQL statement.

If you don’t want to allow single quotes at all, you can perform theReplace yourself with this code:

Dim iDim sNewStringFor i = 1 to Len(MyString)   If Mid(MyString, i, 1) <> “‘” Then      sNewString = sNewString & Mid(MyString, i, 1)   End IfNext i
The variable “sNewString” will contain the string without any single quotes in it.

See also  How to Avoid Money Transfer Scams  
devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist