Results 1 to 2 of 2
  1. #1
    Join Date
    Nov 2009
    Posts
    3

    Unanswered: ASP.NET C# Problem with database update

    Hey guys, basically i am inserting data into a database using input from text boxes.

    1. Values from text boxes are read into string variables
    2. Concatenate the sql update query

    string strSQL = "UPDATE Food SET Food_Name = '" + Food_Name + "', Food_Brand = '" + Food_Brand + "', Image ='" + Image + "', Food_Description='" + Food_Description + "', Weight='" + Weight + "', Food_Price='" + Food_Price + "', Stock='" + Stock + "', Fat_Content='" + Fat_Content + "', Expiry_Date='" + Expiry_Date + "', Servings='" + Servings + "' WHERE barcode_number = '" + barcode_number + "'";

    Problem is as the image variable contains parenthesis (<img src="hello.jpg">) when the code runs it stops at the first ". eg so its running Update food set... image=' "

    basically i just want to figure out how to escape the " from the variable but have had no luck with google. I've read about string literals (@) but have no idea how to apply it to this situation.

  2. #2
    Join Date
    Feb 2004
    Location
    One Flump in One Place
    Posts
    14,912
    Testimonial:
    pootle flump
    ur codings are working excelent.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •