Please tell me how can save a string with special characters to DB.Special characters may contatin single
quotes/double quotes etc.. I am using ASP.NET with C#
Use parameterized queries.
<a href="http://aspnet101.com/aspnet101/tutorials.aspx?id=1" rel="nofollow">http://aspnet101.com/aspnet101/tutorials.aspx?id=1</a>
When rendering to the client, you should also use Server.HtmlEncode() to convert characters which have special meaning in HTML to numeric character references.Answer2:
Hard to answer without much details. But usually the best bet is parametrized queries.Answer3:
Ok.Eventhough i saved in the DB.I need to display this back to a text box.Then the page is breaking. Ex: I have saved Student name as Ani"s and when i am displayin gthis
How to get rid of this problem ?Answer4:
Are you encoding the value when you write it out? (Server.HtmlEncode(value))Answer5:
Using (SqlConnection conn = new SqlConnection(connstr))
Using (SqlCommand command = new SqlCommand("INSERT INTO FOO (col) VALUES (@arg)"))
command.Connection = conn;
Reading it out should not be breaking your output at all, if it is, its not the database code doing it.Answer6:
(Server.HtmlEncode(value)) worked !