问题
Please tell me how can save a string with special characters to DB.Special characters may contatin single quotes/double quotes etc.. I am using ASP.NET with C#
回答1:
Use parameterized queries.
http://aspnet101.com/aspnet101/tutorials.aspx?id=1
When rendering to the client, you should also use Server.HtmlEncode() to convert characters which have special meaning in HTML to numeric character references.
回答2:
Hard to answer without much details. But usually the best bet is parametrized queries.
回答3:
Ok.Eventhough i saved in the DB.I need to display this back to a text box.Then the page is breaking. Ex: I have saved Student name as Ani"s and when i am displayin gthis
How to get rid of this problem ?
回答4:
Are you encoding the value when you write it out? (Server.HtmlEncode(value))
回答5:
Using (SqlConnection conn = new SqlConnection(connstr))
{
Using (SqlCommand command = new SqlCommand("INSERT INTO FOO (col) VALUES (@arg)"))
{
command.Connection = conn;
command.Parameters.AddWithValue("@arg",SpecialCharsString);
command.ExecuteNonQuery();
}
}
Reading it out should not be breaking your output at all, if it is, its not the database code doing it.
回答6:
(Server.HtmlEncode(value)) worked !
来源:https://stackoverflow.com/questions/279991/asp-net-saving-special-characters-to-database