Add the following to your ASP script that does the insertion into
the database and then use the CheckQuote or CheckString, depending on what
you're doing, as a function in the code before the call to the database
to fix the input fields.
Danny
<SCRIPT LANGUAGE=VBScript RUNAT=Server>
'This function checks what will be a string value for
'embedded single quotes that will cause the SQL statement
'problems. If found, it adds another single quote to cause
'the interpreter to read the quote correctly. In addition,
'the code adds single quotes to both ends of the string and
'tacks the endchar argument onto the end of the string.
'
'This code came from the Adventure Works sample site
Function CheckQuote (s)
pos = InStr(s, "'")
While pos > 0
s = Mid(s, 1, pos) & "'" & Mid(s, pos + 1)
pos = InStr(pos + 2, s, "'")
Wend
CheckQuote = s
End Function
Function CheckString (s, endchar)
CheckString= "'" & CheckQuote(s) & "'" & endchar
End Function
</SCRIPT>
===========================================================================
Danny Mayer Digital Equipment Corporation
mayer@mro.dec.com Marlboro, MA 01752
===========================================================================