Hi, I tried to fix this without luck and you guys have bailed me out before so I'm hoping someone might know how to fix this. I have a form with two fields (title and body) and they both cause errors when I use an apostrophe. I tried to replace them with double quotes but it's not working. Here is the code and I appreciate any help or ideas, I'm lost...
What's happening is you aren't escaping the apostrophes. I am assuming this is the block of code that you're referring to:
    If NOT rsSaveTemp.EOF Then
        rsSaveTemp("news_title") = Trim(Request.Form("temptitle"))
        rsSaveTemp("news_body") = Trim(Request.Form("tempbody"))
        rsSaveTemp.Update
        msg = "updated"
    Else
        strSQL = "INSERT INTO newsletter ([news_title],[news_body]) Values('"&Trim(Request.Form("temptitle"))&"','"&Trim(Request.Form("tempbody"))&"')"
        news_title = Replace(news_title, "'" , "''" )
        news_body = Replace(news_body, "'" , "''" )
        'Response.Write strSQL
        ' Response.End
        objConn.Execute strSQL
        msg = "success"
    End If
If so, change it to look like this:
    If NOT rsSaveTemp.EOF Then
        ' Recordset field assignment is not parsed as SQL, so the value is
        ' stored as-is; doubling apostrophes here would save them doubled.
        rsSaveTemp("news_title") = Trim(Request.Form("temptitle"))
        rsSaveTemp("news_body") = Trim(Request.Form("tempbody"))
        rsSaveTemp.Update
        msg = "updated"
    Else
        ' Double the apostrophes BEFORE the values are placed in the SQL string
        news_title = Replace(Trim(Request.Form("temptitle")), "'" , "''" )
        news_body = Replace(Trim(Request.Form("tempbody")), "'" , "''" )
        strSQL = "INSERT INTO newsletter ([news_title],[news_body]) Values('"&news_title&"','"&news_body&"')"
        'Response.Write strSQL
        ' Response.End
        objConn.Execute strSQL
        msg = "success"
    End If
See if that fixes your problem.
Bill Parrott Senior Web Programmer, University of Kansas Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com) Personal Website (www.chimericdream.com)
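Added example (not part of the original posts or the posters' code): the INSERT branch written as an ADO parameterized command, so apostrophes in the title or body travel as data and are never parsed as SQL string delimiters. It assumes `objConn` is the open connection used in the code above; the 255-character title width, the `SaveNewsletter` helper name and the "invalid input" message are assumptions made for illustration.

```vbscript
' Added example: parameterized INSERT for the newsletter form.
' ADO constants, declared here in case adovbs.inc is not included.
Const adCmdText = 1
Const adParamInput = 1
Const adVarWChar = 202
Const adLongVarWChar = 203
Const adExecuteNoRecords = 128
Const MAX_TITLE = 255   ' assumed width of the news_title column

' Hypothetical helper: returns True when the row was inserted.
Function SaveNewsletter(conn, ByVal title, ByVal body)
    Dim cmd
    SaveNewsletter = False

    ' Reject empty or over-long input up front instead of letting the
    ' provider raise an error halfway through the request.
    If Len(title) = 0 Or Len(title) > MAX_TITLE Or Len(body) = 0 Then
        Exit Function
    End If

    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    ' The ? placeholders are bound by position; no quoting or Replace needed.
    cmd.CommandText = "INSERT INTO newsletter ([news_title],[news_body]) VALUES (?, ?)"
    cmd.Parameters.Append cmd.CreateParameter("title", adVarWChar, adParamInput, MAX_TITLE, title)
    cmd.Parameters.Append cmd.CreateParameter("body", adLongVarWChar, adParamInput, Len(body), body)
    cmd.Execute , , adExecuteNoRecords
    Set cmd = Nothing

    SaveNewsletter = True
End Function

' objConn: the already-open ADODB.Connection from the page's code (assumed).
If SaveNewsletter(objConn, Trim(Request.Form("temptitle")), Trim(Request.Form("tempbody"))) Then
    msg = "success"
Else
    msg = "invalid input"
End If
```

Because the values are bound as parameters, a title such as `Bill's news` is stored exactly as typed, and input containing SQL syntax cannot change the statement that runs.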
Apostrophes cause all kinds of problems working with SQL Server (and maybe other db's) due to them being 'string delimiters' - you have to convert them to get them into the db, and again to get them out and display them again - just something you'll have to practice a lot and study how other people do it, and try simple and increasingly complex examples until you're good. Even those of us who do it a lot often make mistakes and have to build up and test the strings all the time!
Glad you got it working. Sorry I sort of dropped out, but work has been rather busy this week, so I haven't had a whole lot of time to work on other things.
Bill Parrott Senior Web Programmer, University of Kansas Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com) Personal Website (www.chimericdream.com)