Error when insert data to SQL Server using jquery in Asp.net

1
votes

My code :

Test.aspx file:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Test.aspx.cs" Inherits="Test" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>Untitled Page</title>
    <script type="text/javascript" language="javascript" src="Scripts/jquery.js"></script>
    <script type="text/javascript">
        $(document).ready(function () {
            $('#btn_save').click(function () {
                $.ajax({
                    type: "POST",
                    url: "JqueryFunction.aspx/insert_remark",
                    data: "{remark:'" + $("#remark").val() + "'}",
                    contentType: "application/json; charset=utf-8",
                    dataType: "json",
                    success: function () {
                        alert("success");
                    },
                    error: function () {
                        alert("Can not insert");
                    }
                });
            });    
        });     
    </script>
</head>
<body>
    <form id="form2" runat="server">
        <div style="width:60px;">Remark</div>
        <asp:TextBox ID="remark" runat="server" TextMode="MultiLine" Height="50px" Width="295px"></asp:TextBox>
        <button id='btn_save' type="button">Save</button>                        
    </form>
</body>
</html>

*Code in JqueryFunction.aspx file:

//Insert remark
    [System.Web.Services.WebMethod]
    public static void insert_remark(string remark)
    {

        string str_insert = "INSERT INTO remark VALUES(@remark)";

            SqlParameter[] parameter = {
                new SqlParameter("@remark", remark),
            };
            int abc = DBclass.TruyVan_XuLy_VoiThamSo(str_insert, parameter);
    }

If I enter in remark textbox: "I can not insert to database" my code works good. But when I enter: "I can't insert to database", I get this error:

{"Message":"Invalid object passed in, \u0027:\u0027 or \u0027}\u0027 expected. (16): {remark:\u0027I can\u0027t insert to

database\u0027}","StackTrace":" at System.Web.Script.Serialization.JavaScriptObjectDeserializer.DeserializeDictionary(Int32 depth)\r\n at System.Web.Script.Serialization.JavaScriptObjectDeserializer.DeserializeInternal(Int32 depth)\r\n at System.Web.Script.Serialization.JavaScriptObjectDeserializer.BasicDeserialize(String input, Int32 depthLimit, JavaScriptSerializer serializer)\r\n at System.Web.Script.Serialization.JavaScriptSerializer.Deserialize(JavaScriptSerializer serializer, String input, Type type, Int32 depthLimit)\r\n at System.Web.Script.Serialization.JavaScriptSerializer.Deserialize[T](String input)\r\n at System.Web.Script.Services.RestHandler.GetRawParamsFromPostRequest(HttpContext context, JavaScriptSerializer serializer)\r\n at System.Web.Script.Services.RestHandler.GetRawParams(WebServiceMethodData methodData, HttpContext context)\r\n at System.Web.Script.Services.RestHandler.ExecuteWebServiceCall(HttpContext context, WebServiceMethodData methodData)","ExceptionType":"System.ArgumentException"}

How can I resolve this error when the content of text box has a ' character

1
jqueryasp.net
i think before you insert the value to db you should sanitize the value first.. i dont know how to do that in .NET but i think it's similar like mysql_escape_string in phpbondythegreat

1 Answers

1
votes

have a look at this link.

https://stackoverflow.com/a/493259/168371

your webservice expects a string and not a complex data type and as such you should convert your JSON data to a string and then pass it.

hope this helps!