Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click Dim nrjdate As String = TextBox1.Text
Dim ntitle As String = TextBox3.Text
Dim nmessage As String = TextBox4.Text.ToString.Trim
Dim nid As Integer = CType(TextBox5.Text, Integer) Dim dbConnectionString As String = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:\webvb\testvb.mdb;Persist Security Info=False"
Dim conn As OleDbConnection = New OleDbConnection(dbConnectionString)
conn.Open() Dim sql As String = ""
sql = "update testvb set "
sql += "rjdate='" & nrjdate & "',"
sql += "title='" & ntitle & "',"
sql += "message='" & nmessage & "'"
sql += " where ID = " & nid Dim cmd As New OleDbCommand(sql, conn)
cmd.ExecuteNonQuery()
cmd.Dispose()
conn.Close()
conn.Dispose() 'MsgBox("OK,修改成功!") End SubVB.NET做的网页修改时,如果内容中有一些敏感字符,如:单引号,或其它符号或字母子,则保存失败!
请问要如何过滤保存呢? 读出来时又如何正常读出呢? 请指教,谢谢!
Dim ntitle As String = TextBox3.Text
Dim nmessage As String = TextBox4.Text.ToString.Trim
Dim nid As Integer = CType(TextBox5.Text, Integer) Dim dbConnectionString As String = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:\webvb\testvb.mdb;Persist Security Info=False"
Dim conn As OleDbConnection = New OleDbConnection(dbConnectionString)
conn.Open() Dim sql As String = ""
sql = "update testvb set "
sql += "rjdate='" & nrjdate & "',"
sql += "title='" & ntitle & "',"
sql += "message='" & nmessage & "'"
sql += " where ID = " & nid Dim cmd As New OleDbCommand(sql, conn)
cmd.ExecuteNonQuery()
cmd.Dispose()
conn.Close()
conn.Dispose() 'MsgBox("OK,修改成功!") End SubVB.NET做的网页修改时,如果内容中有一些敏感字符,如:单引号,或其它符号或字母子,则保存失败!
请问要如何过滤保存呢? 读出来时又如何正常读出呢? 请指教,谢谢!
解决方案 »
- c#.net 怎样使用二进制大对象
- 下面的错是什么意思啊
- cpu现在分几种呢 Intel(R) Celeron(R) CPU 2.66GHz 这个够用么
- 在多线程中能用什么代替HttpContext.Current.Server.MapPath?????????
- 如何实现抓取呀
- 吐血提供一个价值2W搜索程序给大家(c#版带蜘蛛的哦)
- 求图片上传
- 我在aspx中写了一个实现悬停按钮的javascript,为什么不能正常运行?显示“页面上有错误”
- ASP.NET中System.Data.SQL无法找到是何故?
- Microsoft Visual SourceSafe(Iternet)的问题
- GRIDVIEW 模板列 里 控件 的事件问题
- DropDownList EnableViewSate!!!
使用HtmlEncode编码特殊字符,读出的时候使用HtmlDecode解码。
但是无法编码单引号',在SQL中,'是转义符,因此使用双单引号表示一个单引号,也是就是你只需要把单引号'替换成双引号''。
'nmessage = Server.HtmlEncode(nmessage) 用了这句反而会出现一些<那样的字符出来,所以我把此句干脆不要了,只要下面那一句,结果反而就可以了.
nmessage = Replace(nmessage, "'", "''")谢谢楼上的朋友帮忙指点!