C# Tutorials and offshore development in India
    Tutorials   Resources   Forum   Communities   Interview   Jobs   Projects   Offshore Development    
Silverlight Tutorials | Mentor | Code Converter | Articles | Code Factory | Computer Jokes | Members | Peer Appraisal | IT Companies | Bookmarks | Revenue Sharing |


Prizes & Awards
My Profile



Active Members
TodayLast 7 Days more...
New Feature: Community Sites: Create your own .NET community website and start earning from Google AdSense ! It's Free !




Making your SQL string synatx friendly


Posted Date: 15 Sep 2008    Resource Type: Code Snippets    Category: SQL
Posted By: Nico VanHaaaster       Member Level: Bronze
Rating:     Points: 10



SQl Server can be very picky when it comes to syntax of your statements. A common place that falls through the crcks is usually in handeling of characters which sql server deems invalid syntax. Mostly those apostrohe(s) (') i way around this would be do develop a class that removes such syntax into a very secure safe string. Try the class below


//Encode the strings to safe characters
// call class by using SqlEncode(yourInsertValue)
public string SqlEncode(string inStr)
{

inStr = inStr.Replace("'", "'");
inStr = System.Security.SecurityElement.Escape(inStr);
inStr = HttpContext.Current.Server.HtmlEncode(inStr);
return inStr;
}

to read it back on to a web page use the code below.

//decode the string
public string SqlDecode(string inStr)
{
if (inStr == "")
return null;
inStr = HttpContext.Current.Server.HtmlDecode(inStr);
inStr = inStr.Replace("'", "'");
return inStr;
}



Responses
Author: varun    16 Sep 2008Member Level: Gold   Points : 2
Hi Nico,

Nice article ..really very helpful


Feedbacks      
Popular Tags   What are tags ?   Search Tags  
Syntax Error SQL  .  Syntax  .  SQL Server  .  

Post Feedback


This is a strictly moderated forum. Only approved messages will appear in the site. Please use 'Spell Check' in Google toolbar before you submit.
You must Sign In to post a response.
Next Resource: Oracle Query
Previous Resource: Using SYSOBJECTS : Get Table Schema
Return to Discussion Resource Index
Post New Resource
Category: SQL


Post resources and earn money! 		 
Related Resources


dotNet Slackers   BizTalk Adaptors    Web Design

silicone halloween masks

Contact Us    Privacy Policy    Terms Of Use