This script will replace single quotes so the data is SQL-safe
<%
Function fncReplaceSingleQuotes( ByVal strToReplace )
On Error Resume Next
Const Proc = "fncReplaceSingleQuotes"
strToReplace = Replace(strToReplace, "'", "''")
fncReplaceQuote = strToReplace
If err.Number < > 0 then
Call subWriteError(err.Number, Proc, err.Description)
End if
End Function
'
' ...
'
strVar = Request.Form("txtField1")
strVar = fncReplaceSingleQuotes(strVar)
% >
Function fncReplaceSingleQuotes( ByVal strToReplace )
On Error Resume Next
Const Proc = "fncReplaceSingleQuotes"
strToReplace = Replace(strToReplace, "'", "''")
fncReplaceQuote = strToReplace
If err.Number < > 0 then
Call subWriteError(err.Number, Proc, err.Description)
End if
End Function
'
' ...
'
strVar = Request.Form("txtField1")
strVar = fncReplaceSingleQuotes(strVar)
% >
Views 4,587
Downloads 1,471
CodeID
DB ID