Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need Help With Single Quote in a Dynamic Form 1

Status
Not open for further replies.
LyndonOHRC

LyndonOHRC

Programmer
Sep 8, 2005
603
US
I have a dynamically generated form and one of the fields requires the ability to type an apostrophe as it contains proper names; horses names often have apostrophes as a part of their official registered name.

If the user enters bob's baby for example in the FoalName field, I am getting the following error in my query code:

Code: 
ODBC Error Code = 37000 (Syntax error or access violation)


[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression  '[COLOR=red]'bob's baby'[color], 'R34812', 'Quarterhorse' , Val(50.00), 'Racestock', Now(), 'lpatton' )'.

My CF Query Tag:
Code: 
<cfquery name="InsertRacestock" datasource="Registry">
			Insert Into 
				ReceiptDetails(
					[COLOR=red]Name[color],
					WorkOrder,
					Breed,
					Amount,
					HorseType,
					WorkorderDate,
					user)
				Values(
					[COLOR=red]'#Form["FoalName#i#"]#'[color],
					'#Session.WorkOrderReceipt.wo#',
					<cfif Form["FoalBreed#i#"] eq '1'>
						'Thoroughbred'
					</cfif>
					<cfif Form["FoalBreed#i#"] eq '2'>
						'Quarterhorse'
					</cfif>
					<cfif Form["FoalBreed#i#"] eq '3'>
						'Appaloosa'
					</cfif>
					<cfif Form["FoalBreed#i#"] eq '4'>
						'Paint'
					</cfif>
					<cfif Form["FoalBreed#i#"] eq '5'>
						'OTHER'
					</cfif>,
					Val(#Form["FoalAmount#i#"]#),
					'Racestock',
					Now(),
					'#SESSION.Auth.userlogin#'
					)
		</cfquery>

Lyndon

---People Remember about 10% of what you say ---They never forget how you made them feel. Covey
 
Sort by date Sort by votes
One option is to use cfqueryparam. It should automatically handle any single quoting issues.

Not tested
Code: 
Insert Into ReceiptDetails (Name, ...other columns) 
Values(
  <cfqueryparam 
        value="#Form['FoalName#i#']#"      
        cfsqltype="cf_sql_varchar">
   ,
   ... other values 
)
 
Upvote 0 Downvote
Thanks,

This is very old code. I hadn't yet discovered cfqueryparam
at that time.

I use it in all my code now; I should have thought of that!

Lyndon

---People Remember about 10% of what you say ---They never forget how you made them feel. Covey
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

RBGraphics
  • Locked
  • Question
Adobe Portfolio
Replies
0
Views
611
RBGraphics
RBGraphics
FALCONSEYE
  • Locked
  • Question
ColdFusion microservices with REST
Replies
0
Views
558
FALCONSEYE
FALCONSEYE
LyndonOHRC
  • Locked
  • Question
Need help using ImageCrop()
Replies
1
Views
248
LyndonOHRC
LyndonOHRC
mdvp
  • Locked
  • Question
Intermittent X-ref problem with figures in FM 12
Replies
0
Views
543
mdvp
mdvp
Mike Lewis
  • Locked
  • Question
Using Dreamweaver to maintain a site not created in Dreamweaver
Replies
2
Views
744
Mike Lewis
Mike Lewis

Part and Inventory Search

Sponsor

Back
Top