Question:
I am building an SQL statement to Insert and Update records. If the user enters a double quote mark in the text box the SQL statement treats this as the end of the field and the SQL statement is then invalid. I have changed the SQL statement to use single quote marks, but now the user can’t enter single quote marks in the textbox. Is there a solution to this?
sql = "Insert into tblTech (TechId, TechDesc) values (" & """" & Trim(.TechId) & """, " & """" & Trim(.TechDesc) & """);"qyTech.CommandText = sqlqyTech.Execute
Answer:
Any strings that you are passing to a database must be enclosed in single quotes, not double quotes. If you change the two double quote character pairs to single quotes, that should take care of your problem.
Charlie has over a decade of experience in website administration and technology management. As the site admin, he oversees all technical aspects of running a high-traffic online platform, ensuring optimal performance, security, and user experience.
