Jump to content

error in asp classic"Javascript" when user insert data with ' symbol


Dano

Recommended Posts

Hello everyone,how can I avoid error in insert code when user insert data with ' symbol? here is a sample for my code: var insert_to = " Insert Into messages ( title, message )" + " values ( '"+title+"' ,'"+message+"' )"; conn.execute(insert_to); how can I avoid that? "I am useing asp with JavaScript <%@Language="JavaScript"%> not VBScript" thanks...

Link to comment
Share on other sites

If they type the word "don't", then the query needs to look like this: ... values ('don\'t', ... The slash tells it that the quote is part of the data instead of a quote to end the string. Javascript strings have a method called replace that you can use to find and replace characters (find a quote, replace it with a slash plus a quote), or you can use String.split and Array.join.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...