[Gambas-user] MySQL query problems with apostropies
Benoît Minisini
gambas at ...1...
Wed Apr 7 00:40:12 CEST 2010
> Strings that contain these three characters: quote, double quote and
> backslash need to be escaped.
> You escape them by having a backslash immediately before it.
> Example:
> Patty O'Lantern would be...
> Patty O\'Lantern
>
> One way is to make a small function that will insert a backslash
> when it finds a quote or double quote or backslash.
>
> When you create your SQL string (Insert, Update, Select, etc)
> you escape the strings for the char, varchar, text, or similar.
>
> sql = "SELECT * FROM inventory WHERE part = ' & escape(mypart) & "';"
>
> SELECT from the database will not return the 'escape' backslash.
> It will appear normal.
>
> Please note: / (on the question mark key) is not the backslash.
> \ is the backslash.
>
> -Fernando
>
>
Gambas does escaping for you:
DB.Exec("SELECT * FROM inventory WHERE part = &1", mypart)
The Exec(), Find(), Edit() and Delete() methods have all that Subst()-like
syntax. Each argument substituted in the SQL string is escaped according to
the SQL syntax of the underlying database driver.
Regards,
--
Benoît Minisini
More information about the User
mailing list