Building SQL in Code

Building SQL in Code

I am building an SQL statement to Insert and Update records. If the user enters a double quote mark in the text box the SQL statement treats this as the end of the field and the SQL statement is then invalid. I have changed the SQL statement to use single quote marks, but now the user can’t enter single quote marks in the textbox. Is there a solution to this?

sql = "Insert into tblTech (TechId, TechDesc)  values (" & """" & Trim(.TechId) & """, " & """"      & Trim(.TechDesc) & """);"qyTech.CommandText = sqlqyTech.Execute

Any strings that you are passing to a database must be enclosed in single quotes, not double quotes. If you change the two double quote character pairs to single quotes, that should take care of your problem.

See also  5 Tips for Working With an Onsite Interpreter

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist