Database |
Names with apostrophes |
Post Reply |
Author | |
McSanta
Postaholic Joined: 4/12/05 Location: United States Status: Offline Points: 1595 |
Post Options
Thanks(0)
Posted: 1/11/13 at 7:56am |
It appears that your queries does not handle names with apostrophes -- such as selecting the 2012 All Amatuers database then selecting a thrower like Jon O'Neil results in the following error message:
Microsoft JET Database Engine error '80040e14' Syntax error (missing operator) in query expression 'Year(Games.Gamesstart) = 2012 AND Athletes.Firstname='Jon' AND Athletes.Lastname='O'Neil' ORDER BY Games.Gamesstart;'. /dbase/resultsathlete3.asp, line 74 Or when you select the person directly from the main menu, the following error is generatedMicrosoft VBScript runtime error '800a0005' Invalid procedure call or argument: 'Left' /dbase/resultsathlete3.asp, line 44 my guess and the obvious guess is the SQL is being screwed up by the apostrophe in the throwers name -- In case you did not knwo, I though you should be made aware of this . |
|
Mark McVey
"The work of science is to substitute facts for appearances and demonstrations for impressions." -John Ruskin |
|
Max5684
Newbie Joined: 7/21/14 Location: Springfield, IL Status: Offline Points: 2 |
Post Options
Thanks(0)
|
You are correct. This is a problem with the query string not being properly sanitized before being run against the database. You can get around this by two single quotes ('') - not a double quote (") - in place of the single quote.
I have asked the owner of the database to let me lend a hand with rewriting the back-end and interface but I haven't heard back yet.
|
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |