I have read some past posting regarding this issue, but did not find
anything that helped:
I am rather new to ColdFusion and MySQL. I have a application that I am
creating with UltraDev with, of course, both insert record and update record
functions. My problem is that when a user enters a value containing an
apostrophe, it really messes things up in my MySQL tables.
I found this bit of advice on a site that I visited:
> I don't think the double quotes will give you a problem, but you should
> replace single quotes with ` before you store the page.
>
> <cfquery ...>
> INSERT INTO <tablename> (htmldata) VALUES
> ('#replace(htmldata,"'","`")#')
> </cfquery ...>
>
> You'll have to do the same on update
Of course I'm assuming that I'll have to reverse this procedure (swap
apostrophes with accents) somehow upon display of the data as well.
The INSERT part of the code that UltraDev has created looks like thus:
MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ")
values (" & MM_dbValues & ")";
I have tried incorporating the recommended code into my own in a number of
different ways with no success.
I'm assuming, perhaps wrongly, that this is one of those things that nearly
everyone has to deal with. Can somebody guide me in resolving this. For now,
I feel like I'm just going to have to post a message on the INSERT and
UPDATE pages that warn users not to use apostrophes.
--
Brian Fitzgerald
Web/UI Developer
Lincoln Public Schools::Internet Services
Lincoln, Nebraska USA
http://www.lps.org
[EMAIL PROTECTED]
______________________________________________________________________
Why Share?
Dedicated Win 2000 Server � PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
Instant Activation � $99/Month � Free Setup
http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
