I have a SQL Server database that contains a VarChar(50) column. I am using ASP.NET/C# for this application.
I have protected my program from SQL injection so when I insert any text with an apostrophe in it, it will insert properly. I have confirmed this in the database.
However, now when I query the database for this varchar column, instead of getting apostrophes in the column, I am getting the unicode version of it (' ;).
I use a SqlDataSource and bind it to a DataGridView. What could cause this conversion? How can I avoid it?
EDIT:
Seems that this problem is only occurs in textboxes, labels seem to be displaying them properly.
Thanks for your help. This community here is awesome!
To fix data in the database: Replace the ascii apostrophe with a real apostrophe in a sql database
And how to correctly insert: How to insert a value that contains an apostrophe (single quote)?
-- Edit --
This thread seems to shed more light on this issue: http://forums.asp.net/p/1554455/3818604.aspx
You could also try the HtmlDecode(string) method via http://msdn.microsoft.com/en-us/library/system.web.httpserverutility.htmldecode.aspx