//  home   //  advanced search   //  news   //  categories   //  sql build chart   //  downloads   //  statistics
ASP FAQ Tutorials

   8000XXXX Errors
   ASP.NET 2.0
   Classic ASP 1.0
      Access DB & ADO
      General SQL Server & Access Articles
      Other Articles
      Schema Tutorials
      Sql Server 2000
      Sql Server 2005
   General Concepts
   Search Engine Optimization (SEO)

Contact Us
Site Map



ASP FAQ Tutorials :: Databases :: General SQL Server & Access Articles :: Apostrophes in SQL

How do I deal with an apostrophe (') in a SQL statement?

Easily one of the most frequently-asked questions in ASP and database-related forums. 
The apostrophe is an illegal character in T-SQL because it is interpreted as a string delimiter. To allow a ' mark to be inserted into a database, simply double-up all occurences of the ' mark: 
    criteria = Replace(criteria,"'","''") 
So to generate SQL queries: 
    mycrit = Replace(mycrit,"'","''") 
    Response.Write("INSERT table VALUES('" & mycrit & "')<p>") 
    Response.Write("SELECT column FROM table WHERE column LIKE '%" & mycrit & "%'<p>") 
In JScript, you could use the Replace() method also, however it behaves differently than in VBScript. Each call to .Replace() only affects the *first* instance it comes across. You can use RegExp to remind JScript to replace globally: 
<script language=jscript runat=server> 
    var myCrit = "bob's bait and tackle"; 
    var q = /\'/g; // regexp apostrophe, global 
    myCrit = myCrit.replace(q, "''"); 
    Response.Write("INSERT table VALUES('" + myCrit + "')<P>"); 
    Response.Write("SELECT column FROM table WHERE column LIKE '%" + myCrit + "%'<P>"); 

Related Articles

Can I fix this mm/dd/yyyy <-> dd/mm/yyyy confusion once and for all?
Could I get some help with JOINs?
How can I tell which version of MDAC I'm running?
How do I access MIN, MAX, SUM, COUNT values from SQL statements?
How do I change column order in a table structure?
How do I change the order of columns in a table?
How do I concatenate strings from a column into a single row?
How do I convert columns of values into a single list?
How do I determine if a database exists?
How do I document / compare my SQL Server database(s)?
How do I get the IDENTITY / AUTONUMBER value for the row I inserted?
How do I solve 'ADO Could Not Find The Specified Provider'?
Should I use BETWEEN in my database queries?
Why can't I use the * wildcard in a database search?
Why do I get 'Syntax Error in INSERT INTO Statement' with Access?
Why do I get weird results when using both AND and OR in a query?
Why do some SQL strings have an 'N' prefix?
Why does AbsolutePosition return as -1?
Why doesn't SQL Server allow me to separate DATE and TIME?
Why is Query Analyzer only returning 255 characters?
Why should I avoid NULLs in my database?



Created: 7/9/2000 | Last Updated: 6/4/2006 | broken links | helpful | not helpful | statistics
© Copyright 2006, UBR, Inc. All Rights Reserved. (43)


Copyright 1999-2006, All rights reserved.
Finding content
Finding content.  An error has occured...