Professional Web Applications Themes

Stored Procedure & Quotes! - ASP Database

I have a log in stored procedure. If some one was to enter a word containing an apostrophe, i understandably get an error. So i did the typical replace one quote with two. With standard sql statements this often is the remedy. In this case however i am still getting a syntax error. How do i deal with apostrophe's in store procedure paremeters? Thanks to all who respond!!! eg: EXEC do_login account_name=dfsdf''s, account_password=dsafsd AJ...

  1. #1

    Default Stored Procedure & Quotes!

    I have a log in stored procedure. If some one was to enter a word containing
    an apostrophe, i understandably get an error.
    So i did the typical replace one quote with two. With standard sql
    statements this often is the remedy.
    In this case however i am still getting a syntax error. How do i deal with
    apostrophe's in store procedure paremeters?

    Thanks to all who respond!!!

    eg:
    EXEC do_login account_name=dfsdf''s, account_password=dsafsd

    AJ


    Anthony Guest

  2. #2

    Default Re: Stored Procedure & Quotes!

    On Sun, 17 Oct 2004 10:57:26 +1000, "Anthony Judd"
    <com.au> wrote:
     

    That would mostly depend on how you needed to treat them and what you
    were doing with the data. Escaping them with a second single quote
    works as far as code goes, but if your data shouldn't have quotes then
    don't accept them to pass to the SP.

    Jeff
    Jeff Guest

  3. #3

    Default Re: Stored Procedure & Quotes!

    Anthony Judd wrote: 
    Use parameters instead of dynamic sql. Then you won'r have to worry about
    dealing with delimiters, or sql injection:

    http://tinyurl.com/jyy0

    Bob Barrows
    --
    Microsoft MVP - ASP/ASP.NET
    Please reply to the newsgroup. This email account is my spam trap so I
    don't check it very often. If you must reply off-line, then remove the
    "NO SPAM"


    Bob Guest

Similar Threads

  1. SQL Stored Procedure Problem "Single Quotes"
    By tranzformerz in forum Coldfusion Database Access
    Replies: 4
    Last Post: June 7th, 05:08 PM
  2. Stored procedure?
    By SG via DotNetMonster.com in forum ASP.NET Web Services
    Replies: 0
    Last Post: February 23rd, 01:06 PM
  3. Stored procedure
    By Uri in forum Microsoft SQL / MS SQL Server
    Replies: 13
    Last Post: August 19th, 03:23 PM
  4. Stored Procedure Help
    By Jack in forum Microsoft SQL / MS SQL Server
    Replies: 7
    Last Post: July 14th, 06:33 PM
  5. need help on a stored procedure
    By Helixpoint in forum Microsoft SQL / MS SQL Server
    Replies: 0
    Last Post: July 8th, 01:26 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139