Question:
I am building an SQL statement to Insert and Update records. If the user enters a double quote mark in the text box the SQL statement treats this as the end of the field and the SQL statement is then invalid. I have changed the SQL statement to use single quote marks, but now the user can’t enter single quote marks in the textbox. Is there a solution to this?
sql = "Insert into tblTech (TechId, TechDesc) values (" & """" & Trim(.TechId) & """, " & """" & Trim(.TechDesc) & """);"qyTech.CommandText = sqlqyTech.Execute
Answer:
Any strings that you are passing to a database must be enclosed in single quotes, not double quotes. If you change the two double quote character pairs to single quotes, that should take care of your problem.