Problems with sql queries in delphi 6

Hi, I use queries to manipulate data in a access table and normally all goes well but..

When the querie contains characters like this > ` ' ( ) ' :' and some other ones

I get all kinds of error messages and when i remove those characters all goes well.

But I have to insert this data as it is in a database, does anyone knows how to do this ?

This is a example of a querie is use :

query3.Active := false ;
query3.SQL.Text := 'insert into sneeuwhoogten (code,plaats,sneeuwnieuws) values('+#39 + code + #39 + ',' + #39 + plaats + #39 + ','+#39 + snownews + #39 + ')' ;
Query3.execsql ;

where code,plaats and snownews are strings.

Thanks in advance

This is why you should always parametrize all queries. Assuming that Query3 is a TADOQuery object:


If you're using a BDE object (i.e.) TQuery instead of TADOQuery, change the part where you set the params to something like this:


The advantage of parametrizing is that
(1) The engine takes care of escaping characters correctly for you, so you don't have to escape any characters yourself.
(2) If you need to execute the statement again with different values of code, plaats and snownews, you don't need to prepare the SQL string again. All you need to do is set the parameter values again and execute:

It works great, thank you very much I never knew that it could be done this way.
What i did now was that I filtered the string and replace or deleted the character that was causing the problem, but your solution is much much better.
Thanks again !!! :-)
(Excuse my bad englisch)