Information générale
Catégorie:
Active Server Page
>>Hi
>>
>>
>>I have a problem with users entering ' in a field on a classic asp page which is then used to create an SQL string which then fails.
>>
>>Whats the quickest solution to this problem.
>>
>>The system is on maintenance only so I'm really looking for something that requires minimal changes.
>>
>>
>>Thanks
>>
>>Nick
>
>Either use parameters or replace the input string with double '' (you should double the single quote). The first solution is much better.
Thanks Naomi
at the moment there's no justification for the extra work involved in switching to parameters.
Nick
Précédent
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement