Bitten by the apostrophe/SQL bug

B

Brian

Well, I'm a dunce. I just ran into what has to be one of the oldest problems
around, and while I have a couple ways of getting past it, I'm interested in
the best or most efficient way.

I was using Docmd.RunSQL to insert records but forgot that some names have
apostrophes in them.

BatchID being Long, CustomerName being String, and Amount being Currency:

Dim strSQL as String
'fields to insert
strSQL = "INSERT INTO MyTable(BatchID,CustomerName,Amount)"
'insert this data
strSQL = strSQL & " SELECT " & BatchID & ",'" & CustomerName & "'," & Amount
Docmd.RunSQL strSQL

Of course, it worked fine for the Smiths but choked on O'Donnell. (This is
in the middle of a long loop through a recordset, not just a single record.)

Should I:

1. Use a query & pass it the data as parameters?
2. Do a Replace (CustomerName,"'","")

Some more clever idea?
 
A

Allen Browne

Suggestions:

1. Use the double-quote rather than the single quote.
Double-quotes are quite uncommon in names.
This kind of thing:
strSQL = strSQL & " SELECT " & BatchID & _
", """ & CustomerName & """, " & Amount

If the quotes don't make sense, see:
Quotation marks within quotes
at:
http://allenbrowne.com/casu-17.html

2. Use Execute with dbFailOnError:
This gives you much better information about the resuts than RunSQL.

Details in:
Action queries: suppressing dialogs, while knowing results
at:
http://allenbrowne.com/ser-60.html
 
J

John W. Vinson

Well, I'm a dunce. I just ran into what has to be one of the oldest problems
around, and while I have a couple ways of getting past it, I'm interested in
the best or most efficient way.

I was using Docmd.RunSQL to insert records but forgot that some names have
apostrophes in them.

BatchID being Long, CustomerName being String, and Amount being Currency:

Dim strSQL as String
'fields to insert
strSQL = "INSERT INTO MyTable(BatchID,CustomerName,Amount)"
'insert this data
strSQL = strSQL & " SELECT " & BatchID & ",'" & CustomerName & "'," & Amount
Docmd.RunSQL strSQL

Of course, it worked fine for the Smiths but choked on O'Donnell. (This is
in the middle of a long loop through a recordset, not just a single record.)

Should I:

1. Use a query & pass it the data as parameters?
2. Do a Replace (CustomerName,"'","")

Some more clever idea?
Click to expand...

Third option: delimit with " instead of with '.

strSQL = strSQL & " SELECT " & BatchID & ",""" & CustomerName & """," & Amount

strSQL will resemble

SELECT 123, "O'Donnell", 55.00

and will insert the name with no quibbles.
 
B

Brian

Thank you, Allen (and Chris & John).

Every day, I learn something new. Both the double-quotes in this context &
the Execute method of the DB using the SQL string are new to me.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Apostrophe Messing Up SQL String 2
Compile Error ?? 2
append SQL no records 8
SQL Syntax Error 6
Allow for apostrophes in select code 2
Edit/Update results in badly fragmented file 9
VB to .Net 6
Simple Insert Into... 28

Top