>Hallo.
>Hope I can explain my problem.
>When I'm sending a command to the SQL-server, I make a string with single or double quotes (chr(39) or chr(34)).
>But if the user uses a quote in his searchcondition, the string will be corrupt. How do I deal with quotes in the searchconditions to avoid those problem.
>
>Example:
>Lets say that the user is looking for a monitor 14".
>
>=SQLEXEC(nHandle,"select * from sqltable where field='monitor 14"' ","Result")
>
>This will not work as you see.
>
>/Kjell
TEXT TO lcSQL NOSHOW PRETEXT 15
select * from sqltable where field='monitor 14"'
ENDTEXT
=SQLEXEC(nHandle,lcSQL,"Result")
lcSearchedText = [monitor 14"]
TEXT TO lcSQL NOSHOW PRETEXT 15
select * from sqltable where field=?m.lcSearchedText
ENDTEXT
=SQLEXEC(nHandle,lcSQL,"Result")
Against Stupidity the Gods themselves Contend in Vain - Johann Christoph Friedrich von Schiller
The only thing normal about database guys is their tables.