When querying a string column, if the search parameter has a " ' " in it, the execution fails due to a syntax error. I tried to use an escape sequence character (if thats how its called), but it still does not work.
SELECT * FROM OpusOne.Accounts WHERE firstName like '%jose\'%'
What would be the correct way to add a quote " ' " to a string parameter ?
Thank you
Try this:-
SELECT * FROM OpusOne.Accounts WHERE firstName like '%jose''%'
Escape using another single quote.
Related
I have a database table called Players with almost 400 rows. I'm using sqlite under DB Browser for SQLite.
All of my TEXT fields have a "\n" added at the end of my string.
Ex:
"Louie
"
I tried RTRIM to get rid of the white spaces, but it didn't work.
How can I get from
"Louie
"
to
"Louie"
?
You can try replace function. For example:
Select replace(<ColumnName>, CHAR(10), '') from <table_name>;
Here, CHAR(10) is for newline character \n.
Try REPLACE function. replace new line character with null.
Hey I'm using oracle DB with Iron Python and I'm having trouble with strings that contains the char " ' " like in Mc'donalds. (I know it is looking for the closing ' )
The string is accepted from the user input and I want to add it to my DB as it is, meaning without omitting or changing any character.
How can I do it?
Try using the "q" (quote) function:
INSERT INTO restaurantTable (name)
VALUES (q'[O'Reilly and Conway's Irish Pub]');
You can also double-up the single apostrophes (O''Reilly and Conway''s Irish Pub). But in your case you'd have to parse them out, so either using the quote function or query parameters would work the best.
For more information: Q-quote operator introduced in Oracle 10g
Taken from PL/SQL, how to escape single quote in a string?
You can do it either using Q quoting like
q'[insert into MY_TBL (Col) values('ER0002')]';
OR you can use two quotes to denote a single quote
'insert into MY_TBL (Col) values(''ER0002'')';
I have a scenario in my vb.net project where users need to select a name from a combobox (or type a new name).
Names of course can have ' as in Tina O'Hara which in the database would be stored as Tina O''Hara.
My combobox is populated from a sql select command. I have tried to use a Replace so that the names display correctly in the dropdown.
SqlStr = "SELECT Replace(ContactName, '''', ''') AS ddlText FROM tbl_Visits Where CustID = " & hd_CustID.value & " ORDER By ContactName"
PopulateCMBX(cmbx_ContactName, SqlStr, "Please Select")
PopulateCMBX... This gets a list of names from the supplied SqlStr and populates the combobox itemlist with a 'Please Select' as the first option.
SqlStr is producing an error as there is not a matching set of ' how do I fix this. Thanks
When referencing single quotes in MS-SQL, you need to escape each single quote (') with two single quotes ('').
If the name is stored in the database with two single quotes, such as (''), then when you do the replace you need to use four single quotes (''''). In addition to these, you need to enclose the string with single quotes.
What this means is that your replace should look like this:
SqlStr = "SELECT Replace(ContactName, '''''', '''') ...
The 2nd param in the replace has 6 single quotes: 4 to represent the two single quotes you are replacing, and 2 to make it a string. The 3rd param has 4 single quotes: 2 to represent a single escaped quote and two to make it a string.
Try with this, maybe not the best solution but it works (check this example):
select Replace(Replace(ContactName, '''', '$&'),'$&$&','''') from tbl_Visits
Note that $& is like a key that should not affect the values in your field, for example, could be a word: &&k&& or %%key%%, etc.
Back to clarify, it is not the best solution, but sometimes i've used.
i have a string value like 'Apple's'. i want to use this string in SQL "IN" clause like below query
select * from tbl_fruit where nm_fruit IN(''Apple's'','Orange');
how i can get the above query work correctly ?
Many Thanks,
Awais Afzal.
double the single quotes,
select * from tbl_fruit where nm_fruit IN ('Apple''s', 'Orange')
but if you do it on the application level, make sure you parameterized the query :)
I have found SQL correctly interprets the ASCII single-closed-quote (ALT 0146) as an apostrophe in searches while the "IN" treats it like any other character. Now I can search for 'Matt's Macintosh' using Matt(ASCII character 0146)s Macintosh" without messing up my list or the search.
I need to use a string query to make a DB search for a C# program that interacts with MySQL server. What I want to find is a name that is 'like' one of my other variables (nameVar)
I have the following query in a C# program
string q = "SELECT *
FROM TABLE
WHERE name is like %?nameVar%";
As soon as execute the query in my program I get a syntax error telling me that syntax near
'like' is incorrect. As soon as I remove the "%" sign, it works fine.
I am confused, is mandatory to remove the % sign while building a query string?
Your parameter is replacing the ?nameVar part, including quotes. If the param is "TEST", your query gets presented as
string q = "SELECT *
FROM TABLE
WHERE name is like %'TEST'%";
As you can see, the % signs are out of place. either include them from the C# program into namevar, or change the query to
string q = "SELECT *
FROM TABLE
WHERE name is like '%' + ?nameVar + '%'";
you need to quote the query:
string q = "SELECT * from table where name is like '%?nameVar%'";
Strings in SQL need to be enclosed in single quotes:
string q = "SELECT *
FROM TABLE
WHERE name LIKE '%?nameVar%' ";
Also, there's no IS operator when using LIKE.
I think the correct syntax is:
SELECT * FROM table WHERE fields LIKE '%phrase%'
I think you have to leave out 'is'.
MySQL Pattern Matching