sqlstring | A Rahim Khan's Blog

Tackling Apostrophes in SQL String with C#

Apostrophes always screws up SQL string that contains inputs from user. The easiest way to deal with this is to checkout each string input from user and replace single apostrophes with two apostrophes.

Utility.cs
using System; using System.Collections.Generic; using System.Linq; using System.Text;

namespace ApostrphesTrial { public static class Utility { public static string EscapeApostrophes(string input) { return input.Replace("'", "''"); } } }

Use this “EscapeApostrophes” Method each time with user input (string) to create a SQL string for database interaction.

string userName = Utility.EscapeApostrophes(userNameTextBox.Text);

Thanks
A Rahim Khan

2009: 12/05
CATEGORY: C#
TAGS: apostrophes
C#
sqlstring
4 comments

S	M	T	W	T	F	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

Sharing Database Driven Software Development Experiences and Views

Tackling Apostrophes in SQL String with C#

Top Posts

Catagories

Archives

Email Subscription

Blog Stats

Blog Calendar

Admin