I have a simple form submission but the problem is my SQL insert (or update) is failing if in the text field there is any single quotes (')
I tried running the like replace(textfield,"'","") to just remove them but it will still error out on me.
is there any other way to format the variable, do I need to use an escape character?
Running into a what I thought should be a small problem but it's going on an hour and I still can't figure it out
Reading an excel file and running queries on Sheet names. The problem is when there is a single quote in the sheet name.
selectQuery = "SELECT * FROM Dave's Sheet"
I tried to use
selectQuery = "SELECT * FROM Dave's Sheet"
But that doesn't work either.
It keeps bombing the query. Not matter what I try I can't get this to work. I can't replace the single quotes because then it can't find the tab name. Any ideas?
how i could insert data into my DB that contained apostrophes. for example, I wanted to insert Bailey's well, my SQL statement was being cut off when it hit the ' and i was getting all sorts of errors. i was writting some complex stuff to take out the ' then re-insert it when being displayed.lots of work then i thought, what if i replace my ' with " in my insert statement.
like i said, some of you may know this, but i thought id share my experience with you just in case someone runs across the same problem.
I am having a problem with a single quote in my URL. I use HTMLEncode and all is good on my machine, but when I test it with a browser from a different machine, I get 403 on invalid characters. More, it seems to me that the URL gets truncated after that single quote that I have in my URL.
View Replies View RelatedI'm trying to produce an image with a javascript link. The problem seems to
be with the single quote. Here is the code that I wrote:
response.Write("<a href='javascript:PopUp('http://www.yahoo.com')'><img src='image1.jpg' width='50' height='67'></a>")
When I preview the page and roll over the image, the link is truncated to just javascript:PopUp( .
I've tried creating the link with a string like below.
strLink = "javascript:PopUp(" & " ' " & "http://www.yahoo.com" & " ' " & ")"
The string displayed properly when printed on screen, but when I tried to use it as the link it truncated again. I'm not real sure what to try next.
I have a rather basic question. I have a simple username and password front end that queries a SQL database, I run into problems when one of the user names has a single quote in it (IE: O'brian).
I get the "Microsoft OLE DB Provider for SQL Server error '80040e14' Line 1: Incorrect syntax near 'brian'." error message, any clues on how to display those particular cases? is there anything in particular that should be done to my SQL statement?
I have a code that goes to the url of the company.My problem is that if a company name has a single quote in it,it tries to end the statement.I tried a replace as you will see,but still doesn't work.Heres my code:
Response.Write "<td><center><a href='edit.asp?company="
Response.Write server.URLEncode(replace(rs("Company"),"'","'"))
Response.Write "'>Edit</a></center></td>"
i want to place single quote in customer name. how?
View Replies View RelatedWhere would i put this code:
replace(fieldToInsert, "'", "''")
to solve the problem of inserting these types of illegal characters into the database.
Heres the code which i need it to be in:
Code:
I have a asp page where part of the code is as follows. This builds up the sql statement partially.
sql01 = "UPDATE EquipmentTbl SET "
sql01 = sql01 & "SerialNumber = '" & request.form(strSerialNum) & "', "
sql01 = sql01 & "Description = '" & request.form(strDesc) & "', "
sql01 = sql01 & "Location = '" & request.form(strLoc) & "', "
RESULT OF PARTIAL UPDATE STATEMENT USING RESPONSE.WRITE IS:
UPDATE EquipmentTbl SET SerialNumber = 'A83737', Description = 'Video
Conferencing Equipment', Location = 'Conference Rooms cabinet',
Now, in the above, I would like to be able to put the location field as 'Don's room'. In other words, I would like to handle the aprostrophe after Don. With this in mind I am changing the code as following: Code:
Is it possible to grab stock quotes (with of course the 15min delay!!) and place within an ASP page?written in ASP.it is possible to read HTML content on webpages without outputting them and then using the values etc
View Replies View RelatedI'm trying to make a dynamic table where on the left side items are placed and on the right side the item clicked is shown. For an example look at www.uitdagen.nl uitgaan->cafes
This all works fine except when I use a ' or a newline a error is generated because in dhtml a ' is used to open and close a string. When i use a ' in the string it goes wrong because i already close the string in the string.
If already tried to use chr(39) etc. But this won't work because this still will generate a ' for the dhtml.
I am writing an asp app for generating quotes. What I would like to do is allow the user to edit the quote lines without having to open a new page each line.
On the quote I have created a loop which goes through the recordset and populates a sort of data grid. Can you use javascript or something so the user can click an edit icon on the appropriate line item in the grid and edit the line details there instead of having to open another page to edit the line item.
I have this simple Select:
Select * from MATABLE WHERE title = '"&myvariable&"' ORDER BY title
so some of my title have single quote/apostrophe in them, ex: Don't know me . so when I tried to access those article with that kind of title I get the error message Missing operator. So is there a way to have my title be all right? a function maybe?
I am working on building an asp forum, (I have posted a few times with questions ) and it works for the most part now, but I am trying to fix some things.
I am storing posts in a memo field. Originally it was text fields, but 255 characters is just not good enough.
Now, posts are saved fine except for 2 things:
1/ " and ' cause errors. These are causing conflicts with my INSERT SQL statement that is made. How would you get around this problem, I wonder?
2/ New lines etc are not being put into the memi field. I can live without this for the time being, but at some point I will want to implement posts being outputted in the same format they were inputted. Any advice on how to deal with this issue?
I am having trouble getting the 's and +s on this statement correct. The first select line works as it is supposed to but the 2nd one does not. Can anyone correct this and perhaps tell me/point me in the direction of the rule of thumb for stuff like this?
Code:
<SELECT size="1" name="waste" onChange="window.location='drumsnew.asp?waste='+this.value+' &c_type=<%=Selected_Container_Type%>'+'&c_size=<%=Selected_Container_Size%>';">
<SELECT size="1" name="ctype" onChange="window.location='drumsnew.asp?waste='<%Selected_Waste_Type%>'+'&c_type='+this.value+'&c_size=<%
=Selected_Container_Size%>';">
I seem to end up with too many double quotes when using this clean up function.. either that or I am missing a display function when I display the details from the dB.
My function
Code:
Function CleanFormFields(FieldString)
FieldString = Replace(FieldString, "�", "'")
FieldString = Replace(FieldString, "�", """""")
FieldString = Replace(FieldString, "�", """""")
FieldString = Replace(FieldString,"""","""""")
FieldString = Replace(FieldString, "'", "''")
FieldString = Trim(FieldString)
CleanFormFields = FieldString
End Function
I only really wanted the microsoft ouble quote to become one set of double quote instead of double as I have here but I can't get away with anything less.
essentially when I input a � I get a "" when I only want ".
If rs("MyString") is Hello "Jim" Lad
<input type=text value="<%=rs("MyString")%>">
prints as <input type=text value=" Hello "Jim" Lad">
How can I get double quotes to display in a text box or textarea? Using a backslash or &Quot; (with Replace() e.g.) just prints out the backslash or &Quot;
Here's the line I need to insert into an ASP page.
<script Language="JavaScript" src="/blarg.js"></script></head>
Right now it throws off the asp include with the quotes.
I've got a form which lets users input HTML code into a database (the user enters their code into a form field, then submits, and the HTML is written to a db). This code is then pulled out of the database onto a web page. It must validate - so needs to have all characters intact.
How do I perform an update statement which lets me insert double quotes into the database? I know it's possible to achieve a similar thing by replacing the double quotes with some other characters on insert, then replacing these other characters with double quotes when the data is pulled out of the db, but this seems a bit messy.
How should I pass a " (doble-quote) character to response.write() in order for it to be sent to the output ?
View Replies View Relatedobviously in standard asp. and i'm not even sure where to begin. I currently have it set up for a random quote every time a user refreshes the site. This was no problem. Any help or if you can point me in the right direction.
View Replies View RelatedI create an ASP file using fso.createtextfile. But how do I avoid double quotes and <% %signs when writing to file?
FileAsp.WriteLine("<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252">")
FileAsp.WriteLine("<!-- #Include file="file.asp" -->")
FileAsp.WriteLine(" <% =Blah %>")
I have been using recordsets to access data from a database.I then loop thru each row in a dataset and assign the values to the objects on my web page.The particular sql stmt that I have right now, only returns a single value from a database. I need to assign this single value to a variable in my asp code. Can I do this without using a recordset?
If I have to use a recordset, do I just do var1 = recordset("columnname") (I ofcource create the connection object, the sql stmt and stuff first).
I'm assuming this can be done, but I can't seem to get it to work... I'd
like to easily return a single value from a sql statement, something like:
"intNewItems = conn.execute "SELECT COUNT (ItemID) WHERE ItemDate = Date()",
where conn is the connection object, etc. What am I getting wrong?
I am trying to send a 'single' data type to a sql server db cell that is formatted for 'decimal' from asp/ado code and it is converting it to an integer. Should I be using some other data type in sql server?
View Replies View Relatedcan i delete related data from 2 tables using a single sql statement? is my code correct? correct me if i wrong. i want to delete data where user click the delete link.
Code:
sqlDelete = "DELETE FROM Reservation R, Quotation Q WHERE R.resID = " & request.querystring("id") & " And Q.resID = " & request.querystring("id")
I have a table with one header, everytime I use this code (below) it returns EOF and I know for sure there is at least a zero there:Code:
set rs = server.createobject("adodb.recordset")
rs.open "SELECT myonlyheader FROM mydatabase", "dsn=whatever"
response.write rs("myonlyheader")
rs.close
set rs = nothing
What am I doing wrong here?
I am looking to implement a single-sign on solution for my company's website which has many partner websites scattered around the globe.
I want the members to be inconvenienced as much as possible, so if they log into one website, they are logged into all of them. As each website exists on seperate web servers in different locations, this makes my options a little tricky.
Has anyone had any experiences of single-sign on? I only know a little of XML, but I understand that this kind of thing can be achieved using XML over SOAP.
point me to resources that will tell me more about enabling a web application to tegrate with windows security for single sign on
View Replies View RelatedI've got an HTML page with a series of links that are intended to search a category listing in a database.
for example
link 1 has a querystring of "?subid=Boats"
link 2 has a querystring of "?subid=Cars & Trucks"
link 3 has a querystring of "?subid=Men's & Women's Outerwear"
etc
As long as the subid doesn't contain any single quotes or any special characters such as the "&", my SQL works ok and the records are retrieved. 'm using Request("subid") to get my querystring value.Is there any way I can escape the single quotes or other special characters in the Request("subid") so it won't break the SQL?
I've built an array like this and I've put it into an application:
Code:
If not isArray(Application("utenti"))thenDim online(1,4)online(0,0)=4 online(1,0)=1online(0,1)=5online(1,1)=1online(0,2)=7online(1,2)=1online(0,3)=9 online(1,3)=3online(0,4)=15online(1,4)=3application("utenti")=onlineEnd if
Now is it possible to modify some values in this application-array?For example trying to set the value in position 1,1 equal to 3 I wrote: application("utenti")(1,1)=3
or
Redim Preserve application("utenti")(1,1)
application("utenti")(1,1)=3
I'm building a few web sites that will use distinct domain names but will reside on the same server, at the same IP address, in the same application space, and will share a database. They will each provide different content depending on the domain name, but will share some core functionality behind the scenes.
What I'd like to be able to do is have one site serve as the primary site. If a visitor comes to one of the secondary sites and wishes to perform a function that requires them to be logged in, I'd like them to be able to log in only once and then be able to visit any of the sites without having to login again. Does anyone know of a pure ASP script-based single sign-on system?