VB.net Escaping

  • Thread starter Thread starter Stefan Richter
  • Start date Start date
S

Stefan Richter

How do I encode double quotes and quotes and in a string in VB.NET?
It also has to be save for MS SQL Server...


Stefan
 
If you use stored procedures, you dont need a lot of the quote and
other escaping you need to do otherwise. That being said, the only
"quote" issue you have (no pun intended) is with single quotes. In
this case, double the single quotes. A common way of doing this is
with the Replace method ...

sql = replace(str, "'", "''")

That's a single quote surrounded by double quotes as the 2nd parameter
and two single quotes surrounded by double quotes as the 3rd
parameter.
 
Stefan Richter said:
How do I encode double quotes and quotes and in a string in VB.NET?
It also has to be save for MS SQL Server...
Click to expand...

I would recommend avoiding escaping entirely when it comes to SQL
statements - use parameters instead, and you don't need to worry about
formatting or escaping.

You don't have to be using stored procedures to use parameters.

See http://www.pobox.com/~skeet/csharp/faq/#db.parameters for more
information.
 
Stefan,
How do I encode double quotes and quotes and in a string in VB.NET?
Click to expand...

You include double quotes in a string by doubling them, like this

"a ""quoted"" word"



Mattias
 
You must log in or register to reply here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Decode function in vb.net 0
How do I get VB.NET to compile/build a simple program.exe 2
How do I get HD serial number 10
MIME BASE64 3
Deploying application with SQL server 6
need help looping through string of names 1
How do I open file for input 13
Generating Reports Using VB.net 1

Back
Top