Beginner
Reputation: 29533
ASP - how to remove single quote from user input text
answer = Request.Form("Text" & i)
In a form a user inputs random text which is inserted into a database. Currently if the user puts in single quotes it creates an error. How do i remove just single quotes' from the users answer?
Upvotes: 2
Views: 12113
Answers (4)
pil0t
Reputation: 2185
Right way to solve this problem is use parameters when inserting to database. instead of:
SqlCommand cmd = new SqlCommand("INSERT INTO TABLE VALUES ('" + answer + "')");
use
SqlCommand cmd = new SqlCommand("INSERT INTO TABLE VALUES (@answer)",answer);
Upvotes: 3
Alex K.
Reputation: 175758
' are escaped by doubling, i.e replacing ' with 2 x ' for example "Ralph''s".
However you are far better off using parametrized statements with command objects which will take care of that for you.
Upvotes: 2
Bindas
Reputation: 970
Use
answer.Replace("\'", "");
The above will replace the Single quote.
Upvotes: 3
Related Questions
- Removing the double quotes from a string
- How to replace double quotes in a string?
- Replace double quotes to string empty
- Remove single quote from input
- How to remove spaces in a string after a certain character?
- Strip double quotes from a string
- how to remove english quote
- ASP - Removing Double quotes from a string
- How do I get the single quotes to remain in the variable?
- Stripping data out of a string in Vbscript