Thread
-
escape single quote in INSERT command
Hunter <dave_h4@yahoo.com> — 2002-11-22T13:00:01Z
Hi Group - I have a perl application for a registration form. I'd like to put escape characters in my insert command to accommodate for ' (i.e. O'Brien, O'Malley, etc). I've tired double quotes, single quotes, back tick, forward ticks, curly bracket, round brackets - no success. Thanks, dave
-
Re: escape single quote in INSERT command
Jeff Boes <jboes@nexcerpt.com> — 2002-11-22T18:38:17Z
On Fri, 22 Nov 2002 08:00:01 -0500, Hunter wrote: > I have a perl application for a registration form. I'd like to put > escape characters in my insert command to accommodate for ' (i.e. > O'Brien, O'Malley, etc). I've tired double quotes, single quotes, back > tick, forward ticks, curly bracket, round brackets - no success. Are you using the DBI interface? That's the most straightforward way to accomplish this. Something like this: use strict; use DBI; my $dbh = DBI->new(...see docs for details...); $dbh->do(q|INSERT INTO mytable (col1) VALUES (?)|, undef, q|O'Malley|) or die $DBI::errstr; $dbh->commit; By using the '?' placeholder format for statements, you can pass in any data without having to worry about quoting. -- Jeff Boes vox 616.226.9550 ext 24 Database Engineer fax 616.349.9076 Nexcerpt, Inc. http://www.nexcerpt.com ...Nexcerpt... Extend your Expertise -
Re: escape single quote in INSERT command
mark carew <markcarew@bigpond.com> — 2002-11-22T21:50:35Z
Hi Hunter, From my xbase++ program suite, sqlcontext class. * cValue := strtran(cValue,['],[\']) * Its called masquarading, simply replace the single quote with back_slash + single quote. Regards Mark Carew Brisbane Australia -
Re: escape single quote in INSERT command
mark carew <markcarew@bigpond.com> — 2002-11-22T21:52:57Z
Woops should have been masquerading
-
Re: escape single quote in INSERT command
Thomas Good <tomg@q8.nrnet.org> — 2002-11-26T18:23:53Z
On Wed, 27 Nov 2002 mallah@trade-india.com wrote: > Why dont' you use prepare and execute in case you are using DBI > same program is like this. > > $dbh = DBI -> connect ( "......"); > $sth = $dbh -> prepare("insert into tab (a,b) values (?,?)"); > $sth -> execute($a , $b ); > $sth -> finish(); > $dbh -> commit(); > $dbh -> disconnect(); > I'd like to put escape characters in my > > insert command to accommodate for ' $dbh->quote() will do the escaping for DBI but be careful with dates as the variable binding does not always behave as expected. You can esc the single with another single, ala ANSI SQL: '' This works in Oracle, PG and MySQL for sure. In perl: $name =~ s/\'/\'\'/g; $query = qq |insert into x values ('$name')|; and so on... Now, can some kind soul tell me how to do an 'insert into x select y;' where x is a numeric(19,2) and y is a money type??? ----------------------------------------------------------------------- Thomas Good e-mail: tomg@sqlclinic.net Programmer/Analyst phone: (+1) 718.818.5528 Residential Services fax: (+1) 718.818.5056 Behavioral Health Services, SVCMC-NY mobile: (+1) 917.282.7359 -- Geistiges Eigentum ist Diebstahl! -- -
Re: escape single quote in INSERT command
Rajesh Kumar Mallah <mallah@trade-india.com> — 2002-11-26T18:31:26Z
> Hi Group - > > I have a perl application for a registration form. Same Here, Why dont' you use prepare and execute in case you are using DBI same program is like this. $dbh = DBI -> connect ( "......"); $sth = $dbh -> prepare("insert into tab (a,b) values (?,?)"); $sth -> execute($a , $b ); $sth -> finish(); $dbh -> commit(); $dbh -> disconnect(); regds mallah. I'd like to put escape characters in my > insert command to accommodate for ' > (i.e. O'Brien, O'Malley, etc). I've tired double quotes, single > quotes, back tick, forward ticks, curly bracket, round brackets - no success. > > > Thanks, dave > > ---------------------------(end of broadcast)--------------------------- TIP 6: Have you > searched our list archives? > > http://archives.postgresql.org ----------------------------------------- Get your free web based email at trade-india.com. "India's Leading B2B eMarketplace.!" http://www.trade-india.com/ -
Re: escape single quote in INSERT command
Dan Langille <dan@langille.org> — 2002-11-26T18:47:20Z
On 27 Nov 2002 at 0:01, mallah@trade-india.com wrote: > > Hi Group - > > > > I have a perl application for a registration form. > > Same Here, > > Why dont' you use prepare and execute in case you are using DBI > same program is like this. > > $dbh = DBI -> connect ( "......"); > $sth = $dbh -> prepare("insert into tab (a,b) values (?,?)"); > $sth -> execute($a , $b ); > $sth -> finish(); > $dbh -> commit(); > $dbh -> disconnect(); IIRC, there is a dbi->quote() function as well. That should properly escape anything. -- Dan Langille : http://www.langille.org/