Jump to content
Xtreme .Net Talk

Replacing characters in string

durilai

By durilai
in General

 Share

Recommended Posts

durilai Newbie

durilai

Posted
Posted

I have a simple form with a text box and a submit button. Once submitted the value in the text box is checked against a table, if there is a match it adds it to another table.

 

The problem is this program is set up to allow scanning of barcodes, but the ID is for ex. A000123, and it works if I enter 000123 or 123, but the "A" gives me a "no value given for one or more required paramenters" error.

 

I have tried doing a simple replace: 

            
           Dim idx As Integer
           idx = Me.txtAddPrep.Text
           idx = Replace(idx, "A", "")

 

That does not solve the problem. I will also post the SQL call:

           strSQL = "Select * FROM tablename WHERE id = " & idx

 

Any help would be greatly appreciated. If this is possible, the idx alpha is not always "A" it can be any letter, so if there is a solution to replace all letters with nothing that would be even better.

 

Thanks

Joe Mamma Newbie

Joe Mamma

Posted
Posted

question. . . what do you think will happen if someone types in your text box the following string -

 

1;drop table tablename;

 

and presses enter

Joe Mamma

Amendment 4: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Amendment 9: The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Cags Newbie

Cags

Posted
Posted
If they get the Replace code working then nothing much will happen when they enter that code because all letters will be removed and it will parsed to an int.
Anybody looking for a graduate programmer (Midlands, England)?
Joe Mamma Newbie

Joe Mamma

Posted
Posted
If they get the Replace code working then nothing much will happen when they enter that code because all letters will be removed and it will parsed to an int.

well that begs the question. . . if the barcode has a character in it why is he saving it as an int? why is it an int in the database?

 

  1. make it a string/varchar.
  2. use a parameterized query.
  3. forget all this nonsense.

K.I.S.S.

Joe Mamma

Amendment 4: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Amendment 9: The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Joe Mamma Newbie

Joe Mamma

Posted
Posted
If they get the Replace code working then nothing much will happen when they enter that code because all letters will be removed and it will parsed to an int.
so what happens if someone types in -

 

THIS IS NOT AN NUMBER

Joe Mamma

Amendment 4: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Amendment 9: The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

  • Administrators
PlausiblyDamp Newbie

PlausiblyDamp

Posted
  • Administrators
Posted

Is it always a single letter at the start of the string or could it be more complex? If it is a single letter then you could do something like

idx = Me.txtAddPrep.Text.substring(1)

 

I would however also heed Joe Mamma in regards to building SQL up through string concatenation - either use a stored proc or a parameterised query.

Posting Guidelines FAQ Post Formatting

 

Intellectuals solve problems; geniuses prevent them.

-- Albert Einstein

durilai Newbie

durilai

Posted
  • Author
Posted

question. . . what do you think will happen if someone types in your text box the following string - 1;drop table tablename; and presses enter

 

That is a good thought and did not really think about that, but you did give me some more insight for the future. But I am hoping to like the reply said remove all characters from the string.

 

Well, to answer some of those other questions. The ID field in the database is an integer because it is an autonumber. The letters are added to match an old method of numbering.

 

so what happens if someone types in -THIS IS NOT AN NUMBER

 

I am hoping that it wil become blank since it had all of the characters removed.

 

Is it always a single letter at the start of the string or could it be more complex?

 

It will always have a single letter in the front, but the barcode program also writes a random letter at the end (I believe its a checksum) that also need to be removed.

 

Thanks for all the help.

Joe Mamma Newbie

Joe Mamma

Posted
Posted
It will always have a single letter in the front' date=' but the barcode program also writes a random letter at the end (I believe its a checksum) that also need to be removed.[/quote']first. . . my only intent of the my question was to get you to think about things. In the world of the internet, tone gets lost and sometimes curt responses to questions are taken too personally.

 

that being said.

 

the last letter of a barcode is not random, it is a checksum.

In our app, we store all the characters of the barcode as a varchar. be careful, your barcode reader is also most likely going to send a 0x000D to your form, as well.

 

Barcodes are not numbers. . .I implore you to store the entire barcode in a varchar. It will save you a ton of trouble. redesign now!

 

We could show you how to do what you want to do, but that would really be doing you a disservice. . .

 

cool?

Joe Mamma

Amendment 4: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Amendment 9: The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...