Beginner Question - SQL Server Forums

Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

All Forums

SQL Server 2000 Forums

SQL Server Development (2000)

Beginner Question

Author

Topic

shiffman
Starting Member

2 Posts

Posted - 2007-04-02 : 14:41:33

I need to format a SQL text field on the fly to web page.
When the infor is entered to the table there are <enter> strokes used to separate paragraphs.

I need to display those fields with propper paragraph breaks.

I am not sure what the most elegant solution is . . . I would prefer to creat a vbscript function that I can reuse on all such fields.

Help!!

Thanks

Michael

snSQL
Master Smack Fu Yak Hacker

1837 Posts

Posted - 2007-04-02 : 14:51:06

You can search for the line feeds and replace them with an HTML line break like this

SELECT replace(yourcolumn, char(10), ' ')
FROM yourtable

or to put things in paragraphs instead try this

SELECT '' + replace(yourcolumn, char(10), '') + ''
FROM yourtable

shiffman
Starting Member

2 Posts

Posted - 2007-04-02 : 15:56:05

I guess I'm loosing it today.

Heres the code I'm using. The second select statement generated the error:
sp_cursoropen/sp_cursorprepare: The statement parameter can only be a single select or a single stored procedure.

Set CommentsRS = Server.CreateObject("ADODB.RecordSet")
query_str = "SELECT Name, City, Comment, DateAdded FROM Comments "
query_str = query_str & "WHERE ArticleID = " & Request("eid")
query_str = query_str & " AND Status = 1 "
query_str = query_str & " ORDER BY DateAdded DESC"
'query_str = query_str & " SELECT replace(comment, char(10), ' ') "
'query_str = query_str & " FROM Comments "

CommentsRS.Open query_str, Connect, adOpenStatic, adLockOptimistic

snSQL
Master Smack Fu Yak Hacker

1837 Posts

Posted - 2007-04-02 : 17:11:54

You've added a second query, you need to just change the first query, something like

Set CommentsRS = Server.CreateObject("ADODB.RecordSet")
query_str = "SELECT Name, City, replace(comment, char(10), '<br>') AS Comment, DateAdded FROM Comments "
query_str = query_str & "WHERE ArticleID = " & Request("eid")
query_str = query_str & " AND Status = 1 "
query_str = query_str & " ORDER BY DateAdded DESC"

CommentsRS.Open query_str, Connect, adOpenStatic, adLockOptimistic

Warning! - You must not concatenate inputs like you are doing here with Request("eid"). That is vulnerable to a SQL Injection Attack - search this site or Google and you'll find lots of info.

madhivanan
Premature Yak Congratulator

22864 Posts

Posted - 2007-04-02 : 23:59:45

Also, always use stored procedures with input parameters

Madhivanan

Failing to plan is Planning to fail

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources