Home/ Questions/Q 6935495
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T12:06:38+00:00

I have created web service in c#.In that admin panel when admin edit file

  • 0

I have created web service in c#.In that admin panel when admin edit file name with escape sequence character it gives error. i want to add ‘s in the audio file name.But when i update that filename it gives an error.please suggest me the code.here is my current code:
for ex:i want file name like: stafford’s.mp3

                  protected void dbUpdate(int Id, string newfileName,string newfilePath,string newfileExt,string newfileType )
{
    string filep;
    if (newfileType == "Image")
    {
        filep = newfilePath + newfileType + "/" + newfileName.Replace(" ", string.Empty) + newfileExt;
    }
    else 
    {

        filep = newfilePath + newfileType + "/" + newfileName.Replace(" ", string.Empty) + newfileExt;
    }

    String getSQL1 = "UPDATE tbluploadedfilesdetail set FileName='" + newfileName + "' FilePath= '" + filep + "' where ID=" + Id + ";";
    MySqlConnection objMyCon1 = new MySqlConnection(connection);
    objMyCon1.Open();
    MySqlCommand cmd2 = new MySqlCommand(getSQL1, objMyCon1);
    cmd2.ExecuteNonQuery();
    objMyCon1.Close();
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    if you replace single quote with double single quote, it will solve you problem.

    ... set FileName='" + newfileName.Replace("'", "''") + "' ...

    You should be using SqlParameters instead of substituting values directly into your sql. So look up SqlParameters.

    • 0