Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / General / March 2008

Tip: Looking for answers? Try searching our database.

HtmlEncode and apostrophes

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
musosdev - 31 Mar 2008 17:47 GMT
Hi

I'm trying to code up an admin system for my website. A couple of the
welcome text paragraphs are stored in an SQL database, so that we can update
them should we need to. However, even though I'm using the HTMLEncode method
(I've also tried the URLEncode method), the apostrophe always remains, and
then when I try and do the update query, I get...

Unclosed quotation mark after the character string

The SQL is UPDATE StaticPages SET Text = 'blah' WHERE PageID = 'ABOUT'

The code only breaks when the Text variable contains an apostrophe. But, I'm
using an encoding method? Why is the apostrophe not being encoded?

Thanks,

Dan
Reply to this Message
David Wier - 31 Mar 2008 17:51 GMT
the sql never hits the page, and is not shown - - it's not an HTML/urlEncode
situation - -
you'd need to double the single quotes to get SQL to recognize it, since the
update statement is a string - -
But first - I'd suggest not doing it with concatenation this way - used
parameterized queries:
http://www.aspnet101.com/aspnet101/tutorials.aspx?id=1 (2 part tutorial)

David Wier
http://aspnet101.com
http://iWritePro.com - One click PDF, convert .doc/.rtf/.txt to HTML with no
bloated markup

> Hi
>
[quoted text clipped - 17 lines]
>
> Dan
Reply to this Message
musosdev - 31 Mar 2008 18:18 GMT
Thanks David - Parameterised queries worked first time! A good one to remember!

> the sql never hits the page, and is not shown - - it's not an HTML/urlEncode
> situation - -
[quoted text clipped - 30 lines]
> >
> > Dan
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.