Tutorial :VBScript SQL sanitization


Wary of Jeff Atwood's "Bathroom Wall of Code" post, I thought it would be useful to have a trustworthy SQL sanitisation function for VBScript, similar to PHP's mysql_real_escape_string() function.

So, how can I properly sanitise data input into a SQL query using VBScript?


Don't do it. Use parameterized queries instead.


Alternatively, use the Escape function as below

wscript.echo Escape(chrw(1023) & vbtab & vbnewline & " ")  

which gives


. The reverse is UnEscape()

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Next Post »