Hello, i am doing a search function for my project, and i am wondering how do i 'remove' the 3 characters, because it either crashes my project(sql injection thingy) or html display problem. However i don't want to replace it with space or any other characters because the thing i want to search has the 3 characters. I just don't want my project to crash or be vulnerable to sql injection. Please advise..and thanks in advance
Hello, Use Escape sequences instead of ',<,> but I dont think they can help as both the things are not possible at a same time. You have to replace these chars... -SSJ
Generally when protecting against SQL Injection - I only care about 1 character, the Tick (') - so I usually safeguard my content with: Left(Trim(Replace(Text,"'","`")),VarCharDefinedLength) This keeps me protected and makes sure I only insert the max amount of chars that my DB Field will allow