[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ProgSoc] Single-Quotes in SQL

To: progsoc@nospam.progsoc.uts.edu.au
Subject: Re: [ProgSoc] Single-Quotes in SQL
From: David Shoon <dshoon@nospam.progsoc.uts.edu.au>
Date: Sat, 13 Jul 2002 00:09:23 +1000 (EST)
In-reply-to: <3D2BD3AC.6060602@nospam.progsoc.uts.edu.au>
List-archive: <http://www.progsoc.uts.edu.au/lists/progsoc/>
List-id: <progsoc.progsoc.uts.edu.au>
Sender: owner-progsoc@nospam.progsoc.uts.EDU.AU

On Wed, 10 Jul 2002, Jay Banyer wrote:

> INSERT INTO tablex VALUES('Jay''s data', 'blah');
>
> It appears that I will have to search every single value for
> single-quotes and insert an additional single-quote before each one.
>
> Can anyone suggest an alternative?

For such values, you could always URL encode them.

http://java.sun.com/j2se/1.4/docs/api/java/net/URLEncoder.html

No, I'm serious (it does get the job done; but you'd have to encode and
decode all strings -- or somehow keep it consistent). Although
substituting the single-quote (i.e. ' changed to %) is a more efficient
encoder, the most appropriate is probably replacing the single-quote ('
changed to '').

Regardlessly of which method you use, when you search, you'd have to
encode the search string in exactly the same way, so you may as well code
a helper function to do it.

cheers,
Dave

-
You are subscribed to the progsoc mailing list. To unsubscribe, send a
message containing "unsubscribe" to progsoc-request@nospam.progsoc.uts.edu.au.
If you are having trouble, ask owner-progsoc@nospam.progsoc.uts.edu.au for help.

References:
- [ProgSoc] Single-Quotes in SQL
  - From: Jay Banyer <jay@nospam.progsoc.uts.edu.au>

Prev by Date: Plagiarism detection methods (was RE: [ProgSoc] (no subject))
Next by Date: Re: Plagiarism detection methods (was RE: [ProgSoc] (no subject))
Previous by thread: Re: [ProgSoc] Single-Quotes in SQL
Next by thread: [ProgSoc] web page comments...
Index(es):
- Date
- Thread