
RTE Mod error using ’

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Rich Text Editor (RTE)
Forum Description: Support forum for the Web Wiz Rich Text Editor (RTE).
URL: https://forums.webwiz.net/forum_posts.asp?TID=9878
Printed Date: 29 March 2026 at 2:07pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: RTE Mod error using ’
Posted By: shabrawy911
Subject: RTE Mod error using ’
Date Posted: 28 June 2004 at 7:12am
Before you send it to the database, replace every ' with "
and it will work.



Replies:
Posted By: sergi_gil_calvo
Date Posted: 18 January 2005 at 3:26am
Where can I do this?
 
Thanks


Posted By: djlurch
Date Posted: 19 January 2005 at 10:15am
Go to the boards at 4guysfromrolla.com and post your ASP questions.  This is a discussion board for borg's ASP components.
 
That being said...the apostrophe/SQL issue is one of the fundamental issues in terms of security of an ASP application and the proper design of a working ASP application.
 
When using a SQL statement like that...always replace one apostrophe with two.
foo = Replace(variable,"'","''")
 
In SQL the apostrophe denotes the opening and closing of a quoted section.  You can see that the apostrophe in the word don't is wreaking havoc with your SQL statement.
 
This simple oversight has led to what I estimate to be a MAJOR security flaw in 5% of ASP applications.  Look up "SQL Injection" for all the gory details.
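
The apostrophe problem described in the reply above, as an added example that is not part of the thread. It uses Python with an in-memory SQLite database instead of ASP so that it runs stand-alone; the table name, sample message and helper names are assumptions. It goes one step beyond the post by also showing a bound parameter, where the value never becomes part of the SQL text.

```python
import sqlite3


def sql_quote(text):
    """Same rule as Replace(variable, "'", "''"): double every apostrophe."""
    return text.replace("'", "''")


def try_insert(conn, statement, params=()):
    """Run one INSERT; return None on success or the database error text."""
    try:
        conn.execute(statement, params)
        return None
    except sqlite3.Error as exc:
        return str(exc)


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, body TEXT)")
    message = "I don't see my post"  # constructed sample input

    # 1. Raw concatenation: the apostrophe in "don't" closes the quoted
    #    section early, so the rest of the text is parsed as SQL and fails.
    raw_error = try_insert(
        conn, "INSERT INTO posts (body) VALUES ('" + message + "')")

    # 2. Doubled apostrophe: '' inside a literal means one apostrophe.
    escaped_error = try_insert(
        conn, "INSERT INTO posts (body) VALUES ('" + sql_quote(message) + "')")

    # 3. Bound parameter (assumed alternative, not from the thread): the
    #    driver passes the value separately from the statement text.
    bound_error = try_insert(
        conn, "INSERT INTO posts (body) VALUES (?)", (message,))

    stored = [row[0] for row in
              conn.execute("SELECT body FROM posts ORDER BY id")]
    return raw_error, escaped_error, bound_error, stored


if __name__ == "__main__":
    raw, escaped, bound, rows = demo()
    print("raw concatenation :", raw)
    print("doubled apostrophe:", escaped)
    print("bound parameter   :", bound)
    print("stored rows       :", rows)
```

Both working inserts store the text with its original single apostrophe; the doubling exists only in the statement text, not in the saved data.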
 


