devxlogo

Building SQL in Code

Building SQL in Code

Why Trust Us

Question:
I am building an SQL statement to Insert and Update records. If the user enters a double quote mark in the text box the SQL statement treats this as the end of the field and the SQL statement is then invalid. I have changed the SQL statement to use single quote marks, but now the user can’t enter single quote marks in the textbox. Is there a solution to this?

sql = "Insert into tblTech (TechId, TechDesc)  values (" & """" & Trim(.TechId) & """, " & """"      & Trim(.TechDesc) & """);"qyTech.CommandText = sqlqyTech.Execute

Answer:
Any strings that you are passing to a database must be enclosed in single quotes, not double quotes. If you change the two double quote character pairs to single quotes, that should take care of your problem.

devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist

Charlie Frank

Charlie has over a decade of experience in website administration and technology management. As the site admin, he oversees all technical aspects of running a high-traffic online platform, ensuring optimal performance, security, and user experience.
View Author
Show More