I want to save a string to a MSSQL 2008 server.
Sometimes some special characters are in there, which gives an exception while saving to the database.
What is the best way to handle this type of situation. Are there any built in functions that I may have overlooked to use?
Use parameters. I believe using parameters handle these things internally
http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.parameters(v=vs.110).aspx
Why do we always prefer using parameters in SQL statements?
http://weblogs.sqlteam.com/jeffs/archive/2006/07/21/10728.aspx
you have to check in your string for the occurrence of every special character and you have to replace every special character with their respective escape sequenced format.
you can use the following function for the same. it's a sample.
public String addescape(String str)
{
String temp = "";
foreach (char ch in str)
{
if (ch == '\0')
temp += "";
else if (ch == '\'')
temp += "'";
else if (ch == '\\')
temp += """;
else if (ch == '<')
temp += "<";
else if (ch == '>')
temp += ">";
else
temp += ch;
}
return (temp);
}
How are you inserting into the database - can you use Paramaterized queries to do your insert? https://stackoverflow.com/a/5529010/685341
For special characters i would do adding some more character whatever you like to use.For example add * character. Write it to the database with modified state. And then when you read data from db you can remove out this characters you added. This is a solution(definitely there is a inbuilt function .NET enviroment) but i don't know...
