Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Quotes in SQL-strings?
Message
General information
Forum:
Visual FoxPro
Category:
Coding, syntax & commands
Title:
Re: Quotes in SQL-strings?
Environment versions
Visual FoxPro:
VFP 9 SP1
OS:
Windows XP
Network:
Windows 2003 Server
Database:
MS SQL Server
Miscellaneous
Thread ID:
01227570
Message ID:
01227572
Views:
26
>Hallo.
>Hope I can explain my problem.
>When I'm sending a command to the SQL-server, I make a string with single or double quotes (chr(39) or chr(34)).
>But if the user uses a quote in his searchcondition, the string will be corrupt. How do I deal with quotes in the searchconditions to avoid those problem.
>
>Example:
>Lets say that the user is looking for a monitor 14".
>
>=SQLEXEC(nHandle,"select *  from sqltable where field='monitor 14"' ","Result")
>
>This will not work as you see.
>
>/Kjell
TEXT TO lcSQL NOSHOW PRETEXT 15
     select *  from sqltable where field='monitor 14"'
ENDTEXT
=SQLEXEC(nHandle,lcSQL,"Result")

*** or better:
lcSearchedText = [monitor 14"]

TEXT TO lcSQL NOSHOW PRETEXT 15
     select *  from sqltable where field=?m.lcSearchedText
ENDTEXT
=SQLEXEC(nHandle,lcSQL,"Result")
Against Stupidity the Gods themselves Contend in Vain - Johann Christoph Friedrich von Schiller
The only thing normal about database guys is their tables.
Previous
Reply
Map
View

Click here to load this message in the networking platform