Insert into statement with an apostophe using VBA?
Question
I have a form with textboxes. I am inserting what the user enters into the textbox into a table. If the user enters an apostrophe in the textbox labeled "Me.ProjectName", I get an error. My code is:
CurrentDb.Execute "INSERT INTO Table1(ProjectNumber, Title) " & _
" VALUES('" & ProjectNumber & "','" & Me.ProjectName & "')"
2 answers
solution1
4 2016-07-29 13:56:00
You should not construct and execute dynamic SQL based on user input. You should use a parameterized query , something like:
Dim cdb As DAO.Database
Set cdb = CurrentDb
Dim qdf As DAO.QueryDef
Set qdf = cdb.CreateQueryDef("", _
"INSERT INTO Table1 (ProjectNumber, Title) VALUES (@prjnum, @title)")
qdf.Parameters("@prjnum").Value = ProjectNumber
qdf.Parameters("@title").Value = me.ProjectName
qdf.Execute
solution2
1 ACCPTED 2016-07-29 12:50:08
You should escape your strings possibly containing quotes by replacing a quote with 2 quotes:
Dim SQL As String
SQL = "INSERT INTO Table1(ProjectNumber, Title) " & _
" VALUES('" & ProjectNumber & "','" & Replace(Me.ProjectName, "'", "''") & "')"
CurrentDb.Execute SQL
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
INSERT INTO Statement Access VBA
Problem with executing an SQL insert statement in access using VBA
SQL INSERT INTO Statement not work VBA
Using an insert statement in stored procedure to copy some info from one table and insert new info from VBA
doubled records with INSERT INTO sql statement inside VBA
Using cast in insert statement
Using OpenQuery With INSERT INTO Statement
VBA macro in Excel to Run SQL Insert statement
Insert into using a Case Statement
Using alias in insert statement
Related Tags