Since I don't use use brackets as text delimiters, I've never been bitten. Actually, I didn't even know there was a problem.
Thanks for pointing this out to me. I now have a
real reason to hate brackets beyond a personal peeve.
>Beware that any #DEFINE'd variables will be evaluated when using square brackets.
>
>I've been bitten by this a few times.
>
>
>>>Hallo.
>>>Hope I can explain my problem.
>>>When I'm sending a command to the SQL-server, I make a string with single or double quotes (chr(39) or chr(34)).
>>>But if the user uses a quote in his searchcondition, the string will be corrupt. How do I deal with quotes in the searchconditions to avoid those problem.
>>>
>>>Example:
>>>Lets say that the user is looking for a monitor 14".
>>>
>>>=SQLEXEC(nHandle,"select * from sqltable where field='monitor 14"' ","Result")
>>>
>>>This will not work as you see.
>>>
>>>/Kjell
>>
>>I hate using brackets for text delimiters (I keep thinking I'm seeing some array construct) but this is the one case they were designed to handle.
>>
>>=SQLEXEC(nHandle,[select * from sqltable where field = 'monitor 14"'],"Result")
>>