December 20, 2011 at 4:42 am
Use replace function to replace single quote (') with two single quotes ('')
REPLACE ( string_expression , string_pattern , string_replacement )
December 20, 2011 at 4:50 am
Dear Dev,
May I have the example please?
December 20, 2011 at 7:11 am
Better yet, parameterize your queries or turn it into a stored proc. If you are doing inserts with a pass through query you are vulnerable for sql injection. It strongly discouraged to do pass through queries. A pass through query is when you build a string dynamically and execute that string against your database.
_______________________________________________________________
Need help? Help us help you.
Read the article at http://www.sqlservercentral.com/articles/Best+Practices/61537/ for best practices on asking questions.
Need to split a string? Try Jeff Modens splitter http://www.sqlservercentral.com/articles/Tally+Table/72993/.
Cross Tabs and Pivots, Part 1 – Converting Rows to Columns - http://www.sqlservercentral.com/articles/T-SQL/63681/
Cross Tabs and Pivots, Part 2 - Dynamic Cross Tabs - http://www.sqlservercentral.com/articles/Crosstab/65048/
Understanding and Using APPLY (Part 1) - http://www.sqlservercentral.com/articles/APPLY/69953/
Understanding and Using APPLY (Part 2) - http://www.sqlservercentral.com/articles/APPLY/69954/
December 27, 2011 at 6:51 am
Hi,
Could you please provide your sample update query here. How you use the single quote in your query needs to be checked.
Viewing 4 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply