| Author |
 Topic  |
|
|
muzishun
Senior Member
United States
1079 Posts |
 Posted - 16 December 2004 : 14:52:11
|
Ok, I'm trying to strip the quotes and apostrophes from a string to store in an SQL statment (going to an Access db). I still want the ' and " to display on the page when the data is retrieved, though. Here's the two things I've tried, with no luck. Any suggestions?
Function stripquote(strStripQuote)
strStripquote = Replace(strStripQuote,"'","asc("'")")
strStripquote = Replace(strStripQuote,""","asc(""")")
End Function
and
Function stripquotes(strStripQuote)
strStripquote = Replace(strStripQuote,"'","#39;")
strStripquote = Replace(strStripQuote,""","#34;")
End Function
|
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
Da_Stimulator
DEV Team Forum Moderator
USA
3373 Posts |
Posted - 16 December 2004 : 14:56:38
|
Function stripquote(fString)
stripquote = replace(fString, "'", "''")
End Function
|
-Stim |
Edited by - Da_Stimulator on 16 December 2004 14:58:01 |
 |
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 16 December 2004 : 18:34:48
|
| Will I need to do this for " as well? Or does that not interfere with SQL strings? |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
Da_Stimulator
DEV Team Forum Moderator
USA
3373 Posts |
Posted - 17 December 2004 : 09:04:18
|
| if the * is within a sql string ('blah blah * blah') then it shouldnt matter |
-Stim |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 17 December 2004 : 09:13:11
|
| Sorry... I meant the quotation mark. But it's good to know the asterisk won't interfere. |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
Da_Stimulator
DEV Team Forum Moderator
USA
3373 Posts |
Posted - 17 December 2004 : 09:36:11
|
quotation shouldnt matter either, as long as its inside the ''
I thought it would to, so I converted single " to double "" when inserting into db... but it inserted double "" in db, and looked like crap when I pulled it out. |
-Stim |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 17 December 2004 : 13:00:45
|
| Wonderful. It's good to know I don't need to worry about them, then. Another question now: Is there a way to run this function on a bunch of different strings without doing each string individually? I'm retrieving a bunch of form data, and I am currently manually sending each variable through the function. Is there some way to do this to a group of items that aren't numbered (I don't think a Do...Loop or a For...Next will work in this case)? |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
Da_Stimulator
DEV Team Forum Moderator
USA
3373 Posts |
Posted - 17 December 2004 : 13:26:35
|
if your variables are in an array, you can use for next, if they are individual variables then you will have to do them individually
|
-Stim |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 17 December 2004 : 22:00:52
|
That's what I thought. Thanks.  |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 18 December 2004 : 11:23:25
|
Pesky quotes. I've tried to change this around a little bit, since I still got errors when I tried to execute the string. Here's the error I'm getting now:
Microsoft VBScript compilation error '800a0414'
Cannot use parentheses when calling a Sub
/submit_bio.asp, line 30
if instr(m_name,"'") then Replace(m_name,"'","''")
--------------------------------------------------^
The entire file in question looks like this (the problem lines are in red):
<%@ Language="VBScript" %>
<% Option Explicit %>
<html>
<head>
<title>Form to database</title>
</head>
<body>
<%
Dim objGIBioConn
'Dim objGIBioRS
Dim strSQL
Dim strStripQuote
Dim m_name, m_voicepart, m_hometown, m_year, m_major, m_job, m_bio, m_favsong, m_favmemorquote, m_influences, m_dreamjob, m_maynotknow, m_favquote
' Receiving values from Form, assign the values entered to variables
m_name = Request.QueryString("member_name")
m_voicepart = Request.QueryString("member_voicepart")
m_hometown = Request.QueryString("member_hometown")
m_year = Request.QueryString("member_year")
m_major = Request.QueryString("member_major")
m_job = Request.QueryString("member_job")
m_bio = Request.QueryString("member_bio")
m_favsong = Request.QueryString("member_favsong")
m_favmemorquote = Request.QueryString("member_favmemorquote")
m_influences = Request.QueryString("member_influences")
m_dreamjob = Request.QueryString("member_dreamjob")
m_maynotknow = Request.QueryString("member_maynotknow")
m_favquote = Request.QueryString("member_favquote")
if instr(m_name,"'") then Replace(m_name,"'","''")
if instr(m_voicepart,"'") then Replace(m_voicepart,"'","''")
if instr(m_hometown,"'") then Replace(m_hometown,"'","''")
if instr(m_year,"'") then Replace(m_year,"'","''")
if instr(m_major,"'") then Replace(m_major,"'","''")
if instr(m_job,"'") then Replace(m_job,"'","''")
if instr(m_bio,"'") then Replace(m_bio,"'","''")
if instr(m_favsong,"'") then Replace(m_favsong,"'","''")
if instr(m_favmemorquote,"'") then Replace(m_favmemorquote,"'","''")
if instr(m_influences,"'") then Replace(m_influences,"'","''")
if instr(m_dreamjob,"'") then Replace(m_dreamjob,"'","''")
if instr(m_maynotknow,"'") then Replace(m_maynotknow,"'","''")
if instr(m_favquote,"'") then Replace(m_favquote,"'","''")
'declare SQL statement that will query the database
strSQL = "INSERT INTO gi_member_bios (member_name, member_voicepart, member_hometown, member_year, member_major, member_job, member_bio, member_favsong, member_favmemorquote, member_influences, member_dreamjob, member_maynotknow, member_favquote) values ('" & m_name & "', '" & m_voicepart & "', '" & m_hometown & "', '" & m_year & "', '" & m_major & "', '" & m_job & "', '" & m_bio & "', '" & m_favsong & "', '" & m_favmemorquote & "', '" & m_influences & "', '" & m_dreamjob & "', '" & m_maynotknow & "', '" & m_favquote & "');"
'Set objGIBioConn = Server.CreateObject("ADODB.Connection")
'objGIBioConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=MDB FILE"
'objGIBioConn.open
response.write strSQL
'execute the SQL
'objGIBioConn.execute(strSQL)
'response.write "The form information was inserted successfully."
' Done. Close the connection object
'objGIBioConn.close
'Set objGIBioConn = Nothing
%>
</body>
</html>
Also, here is a link to the referring page that contians the form. (Source) |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
Edited by - muzishun on 18 December 2004 11:29:19 |
|
|
|
Da_Stimulator
DEV Team Forum Moderator
USA
3373 Posts |
Posted - 18 December 2004 : 11:32:46
|
if instr(m_name,"'") then Replace(m_name,"'","''")
should be
if instr(m_name, "'") then m_name = replace(m_name, "'", "''")
but if you have a function to do that, like below:
function stripquotes(fString)
stripquotes = replace(fString, "'", "''")
end function
then all you have to do is:
m_name = stripquotes(request.querystring("member_name"))
I would recommend using post data instead of get data for this |
-Stim |
Edited by - Da_Stimulator on 18 December 2004 11:34:53 |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 18 December 2004 : 18:37:53
|
| How would I do that? I tried using Request.Form, but it didn't seem to work. Is there something I need to put in the biosdb.asp page (the one with the form)? I'm currently just using the <form action="submit_bio.asp"> tag. |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
|
Da_Stimulator
DEV Team Forum Moderator
USA
3373 Posts |
Posted - 18 December 2004 : 20:04:21
|
use <form action="whatever.asp" method="post">
Then use request.form, instead of request.querystring. |
-Stim |
|
|
|
muzishun
Senior Member
United States
1079 Posts |
Posted - 18 December 2004 : 23:46:14
|
| Great, thanks! |
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com) |
|
|
| |
Topic |
|
|
|
Topic Locked
