Results 1 to 5 of 5
  1. #1
    Join Date
    Dec 2003
    Location
    Gandhinagar India
    Posts
    22

    Lightbulb Unanswered: Advice Me: which characters can make insert go wrong

    hi,
    I am creating a jsp app which will add some data to mysql tables.. Now if we enter some characters like single quote(') it will create error while inserting/updating the db..
    I would like to know what can i do for that.. Also what all characters like single quotes can create problem in updation of db..
    thanks
    Last edited by bobd303; 02-02-05 at 01:49.

  2. #2
    Join Date
    Apr 2002
    Location
    Toronto, Canada
    Posts
    20,002
    single quote is the only problem

    replace each single quote in the text with two consecutive single quotes

    e.g. to insert the name O'Toole,

    insert into names (name) values ( 'O''Toole' )
    rudy.ca | @rudydotca
    Buy my SitePoint book: Simply SQL

  3. #3
    Join Date
    Dec 2003
    Location
    Gandhinagar India
    Posts
    22

    Thumbs up

    thanks buddy

  4. #4
    Join Date
    Feb 2005
    Posts
    8
    It is good practice, anytime you update or insert strings into a SQL database, to pass the values through a function that handles the quotes. Example, in ASP I do something this:

    function f_SafeQuotes(inputstring)
    f_SafeQuotes = replace(inputstring," ' ", " '' ")
    end function

    ...

    conn.execute "insert into test (ID,name) values (1," & f_SafeQuotes(namevar) & ")"

  5. #5
    Join Date
    Dec 2003
    Location
    Gandhinagar India
    Posts
    22
    that is a good idea.. infact now i am doing the same.. thanks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •