The forum operates in read-only mode. Please head to StackOverflow for support.
clines wrote:Your issue is a microsoft issue not FCKEditors.
string hdescription = Server.HtmlEncode(FCKeditorhospital.Value);
string hname = txthname.Text; string hdescription = Server.HtmlEncode(FCKeditorhospital.Value); string hgmap = txtgmap.Text; string hparking = txthparking.Text;string insert = "Insert into Hospital(Hname, Hdescription, Hgmap, Hparking) values('" + hname +"', '" + hdescription +"', '" + hgmap +"', '" + hparking +"')";
Re: Getting error when storing in sql server
Re: Getting error when storing in sql server
Your issue is a microsoft issue not FCKEditors. You will need to post process the request variable from FCKEditor to replace any apostophes with double apostrophes eg fcktxt = replace(request("fcktxt"),"'","''") before saving to SQL server.
Hope that helps
Re: Getting error when storing in sql server
Re: Getting error when storing in sql server
BUt, will u pls. tell me the code.?
how can i do it.?
I'm using following code to sotre it.:
Thanks again.
Re: Getting error when storing in sql server
Re: Getting error when storing in sql server
As for SQL injection, use parameter binding instead of string concatenation.