SitePoint Sponsor |
|
User Tag List
Results 1 to 8 of 8
-
Dec 28, 2011, 01:53 #1
- Join Date
- Nov 2011
- Location
- Cabanatuan City, Philippines
- Posts
- 56
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
mysql_real_escape_string() on ASP
Is there a VBScript/ASP that works like mysql_real_escape_string()???
-
Dec 28, 2011, 12:03 #2
- Join Date
- Oct 2001
- Location
- Vancouver BC Canada
- Posts
- 2,037
- Mentioned
- 5 Post(s)
- Tagged
- 0 Thread(s)
Have you checked the Funky Functions Thread?
http://www.sitepoint.com/forums/show...nctions-in-ASPAndrew Wasson | www.lunadesign.org
Principal / Internet Development
-
Dec 28, 2011, 18:14 #3
- Join Date
- Nov 2011
- Location
- Cabanatuan City, Philippines
- Posts
- 56
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Thanks.I'm gonna work on it.
-
Dec 28, 2011, 19:17 #4
- Join Date
- Nov 2011
- Location
- Cabanatuan City, Philippines
- Posts
- 56
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I tried this code and it works.
<%
Dim MyVariable, SQL
MyVariable="My name is Michael, I'm a developer"
MyVariable =Replace(MyVariable,"'","''")
SQL = "INSERT INTO TableName(TablefieldName) VALUES ('" & MyVariable & "')"
%>
-
Dec 28, 2011, 22:37 #5
- Join Date
- Oct 2001
- Location
- Vancouver BC Canada
- Posts
- 2,037
- Mentioned
- 5 Post(s)
- Tagged
- 0 Thread(s)
I like using this one called clean quotes because it's pretty thorough: http://www.sitepoint.com/forums/show...ape#post312576
Also here's a little library of PHP-like functions: http://www.sitepoint.com/forums/show...an#post1980880Andrew Wasson | www.lunadesign.org
Principal / Internet Development
-
Dec 28, 2011, 22:40 #6
- Join Date
- Nov 2011
- Location
- Cabanatuan City, Philippines
- Posts
- 56
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I can't apply those funky functions to my page.
-
Dec 28, 2011, 22:48 #7
- Join Date
- Oct 2001
- Location
- Vancouver BC Canada
- Posts
- 2,037
- Mentioned
- 5 Post(s)
- Tagged
- 0 Thread(s)
Here you go. This is from the second link.
<%
function AddSlashes(str)
AddSlashes = replace(str,"'","''")
end function
Dim MyVariable, SQL
MyVariable="My name is Michael, I'm a developer"
MyVariable =AddSlashes(MyVariable)
SQL = "INSERT INTO TableName(TablefieldName) VALUES ('" & MyVariable & "')"
%>Andrew Wasson | www.lunadesign.org
Principal / Internet Development
-
Dec 28, 2011, 23:18 #8
- Join Date
- Nov 2011
- Location
- Cabanatuan City, Philippines
- Posts
- 56
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
How about html tags?for example, I'm going to insert <html>,it will be added on my database ,but doesn't show on my asp page,unless you view the source.
Bookmarks