0

I have a SQL Server database that contains a VarChar(50) column. I am using ASP.NET/C# for this application.

I have protected my program from SQL injection so when I insert any text with an apostrophe in it, it will insert properly. I have confirmed this in the database.

However, now when I query the database for this varchar column, instead of getting apostrophes in the column, I am getting the unicode version of it (&#39 ;).

I use a SqlDataSource and bind it to a DataGridView. What could cause this conversion? How can I avoid it?

EDIT:
Seems that this problem is only occurs in textboxes, labels seem to be displaying them properly.

Thanks for your help. This community here is awesome!

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
ImGreg
  • 2,946
  • 16
  • 43
  • 65

1 Answers1

2

To fix data in the database: Replace the ascii apostrophe with a real apostrophe in a sql database

And how to correctly insert: How to insert a value that contains an apostrophe (single quote)?

-- Edit --

This thread seems to shed more light on this issue: http://forums.asp.net/p/1554455/3818604.aspx

You could also try the HtmlDecode(string) method via http://msdn.microsoft.com/en-us/library/system.web.httpserverutility.htmldecode.aspx

Community
  • 1
  • 1
JSuar
  • 21,056
  • 4
  • 39
  • 83
  • You have misunderstood the problem. Everything in the database is perfectly fine. Apostraphes are apostraphes. It is when I SELECT this data and attempt to use it in the problem that it converts to the unicode for no apparent reason? – ImGreg Feb 09 '12 at 23:11
  • Thanks for the edit. I will test these on my code tomorrow to see if they fix the issue. – ImGreg Feb 09 '12 at 23:32
  • Server.HtmlDecode(string) seems to be the easiest/most reasonable solution. Nice find! – ImGreg Feb 10 '12 at 14:10