Solved

Escaping an SQL String

Posted on 2002-03-10
8
258 Views
Last Modified: 2013-11-13
OK, I am using a Data Tool to query A database (data1). What happens is the user inputs a name, and it searchs the database. This works all fine and well until the user inputs characters like | (Vertical bar), *, and other such wierd characters. How can Escape this string, just like in PHP, where you can escape the mysql string to get mysql to accept those wierd characters?
0
Comment
Question by:willa2
8 Comments
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 6854718
Data Tool?  Are you talking about the Data View? If so, than you are using ADO and there should be nothing more complicated than a SQL statement like:

Select * From Table1 Where Column1 = '*'

or if using wildcards than:

Select * From Table1 Where Column1 Like '%*%'

If this is not the case, you may want to elaborate further.

Anthony
0
 

Author Comment

by:willa2
ID: 6854769
Yeah I think I am using that, and soz, it wasnt *, it was just the Vertical Bar | - can anyone solve the mystery?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 6854871
What database are you using?  This works fine for me on SQL Server:

Select * From Table1 Where Column1 = '|'

or if using wildcards than:

Select * From Table1 Where Column1 Like '%|%'

Perhaps you can show us what you are doing.

Anthony

Also, please maintain your open questions:
Querying a Half Life Server Date: 04/14/2001 09:10AM PST
http://devx.experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20105604
Winsock Buffering Date: 07/14/2001 06:23AM PST
http://devx.experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20150649
Forcing Sound Feedback, feeding certain computer output to line in terminal Date: 09/24/2001 11:04AM PST
http://devx.experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20187101

Anthony
0
 

Author Comment

by:willa2
ID: 6857737
Right, it's an Access Database, (Access 97), using VB6. I got a Data Control thingy, and I try and set the recordsource for that control to this:

Data2.RecordSource = "SELECT * FROM names Where ID=" & Data1.Recordset.Fields("ID") & " AND name='" & searchname & "'"

Note that Data1.recordset.Fields("ID") is just an external thing, and you can take it to be '1'. So basing it on this fact, why does the following SQL statement produce a syntax error:

"SELECT * FROM names Where ID=1 AND name='|'"

I know it aint the ID thing cause it works fine without the name thing at end. How do I fix this? Do I have to download some sorta service pack?


0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 75

Accepted Solution

by:
Anthony Perkins earned 100 total points
ID: 6857957
"Names" is a reserved keyword, you may want to change your SQL statement to:

SELECT * FROM [names] Where ...

Anthony
0
 

Author Comment

by:willa2
ID: 6862003
Nope, still no work
0
 
LVL 49

Expert Comment

by:DanRollins
ID: 7618163
Hi willa2,
It appears that you have forgotten this question. I will ask Community Support to close it unless you finalize it within 7 days. I will ask a Community Support Moderator to:

    Accept acperkins@devx's comment(s) as an answer.

willa2, if you think your question was not answered at all or if you need help, just post a new comment here; Community Support will help you.  DO NOT accept this comment as an answer.

EXPERTS: If you disagree with that recommendation, please post an explanatory comment.
==========
DanRollins -- EE database cleanup volunteer
0
 
LVL 1

Expert Comment

by:kodiakbear
ID: 7665502
Moving to the paq

kb
Experts Exchange Moderator
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Have you ever wanted to restrict the users input in a textbox to numbers, and while doing that make sure that they can't 'cheat' by pasting in non-numeric text? Of course you can do that with code you write yourself but it's tedious and error-prone …
I was working on a PowerPoint add-in the other day and a client asked me "can you implement a feature which processes a chart when it's pasted into a slide from another deck?". It got me wondering how to hook into built-in ribbon events in Office.
This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now