Easy enough - escape the quotes:
<CFSET Variables.Value = Replace( Variables.Value, "'", "''", "ALL"
)>
this replaces all single quotes with two single quotes the DB then knows
it's a single quote (works for Access, Informix, SQL server)
On second thought CF usually does this for you automatically in CFQUERY
unless you use the PreserveSingleQuotes() function...
HTH,
Noam
----------
From: Nichols, Robert H. [SMTP:[EMAIL PROTECTED]]
Sent: Wednesday, 16 May 2001 15:05
To: Fusebox
Subject: Strange characters
More of a CF question than a fusebox question, though it is taking
place in
a fusebox enabled application.... :)
I have a form with a text area for the client to enter comments.
the trick
though is that I have to allow the user to type single quotes (')
and double
quotes (") along with whatever other strange variables they want.
However,
I am choking when I try to insert their queries into the database.
has
anyone ever done this? if so, how did you do it?
The only thing I have come up with so far is URLEncoding it before
placing
it in the database and the URLDecoding it when it comes out.
However, that
seems overtly complicated. Can anyone suggest a better way?
Robert H. Nichols
Web Developer
Center for Engineering & Environmental Technologies
Information Delivery Systems <http://ids.rti.org>
Research Triangle Institute
Voice: 919-541-8009 Fax: 919-541-6936
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
