Solved

Escaping an SQL String

Posted on 2002-03-10
8
264 Views
Last Modified: 2013-11-13
OK, I am using a Data Tool to query A database (data1). What happens is the user inputs a name, and it searchs the database. This works all fine and well until the user inputs characters like | (Vertical bar), *, and other such wierd characters. How can Escape this string, just like in PHP, where you can escape the mysql string to get mysql to accept those wierd characters?
0
Comment
Question by:willa2
8 Comments
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 6854718
Data Tool?  Are you talking about the Data View? If so, than you are using ADO and there should be nothing more complicated than a SQL statement like:

Select * From Table1 Where Column1 = '*'

or if using wildcards than:

Select * From Table1 Where Column1 Like '%*%'

If this is not the case, you may want to elaborate further.

Anthony
0
 

Author Comment

by:willa2
ID: 6854769
Yeah I think I am using that, and soz, it wasnt *, it was just the Vertical Bar | - can anyone solve the mystery?
0
 
LVL 75

Expert Comment

by:Anthony Perkins
ID: 6854871
What database are you using?  This works fine for me on SQL Server:

Select * From Table1 Where Column1 = '|'

or if using wildcards than:

Select * From Table1 Where Column1 Like '%|%'

Perhaps you can show us what you are doing.

Anthony

Also, please maintain your open questions:
Querying a Half Life Server Date: 04/14/2001 09:10AM PST
http://devx.experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20105604
Winsock Buffering Date: 07/14/2001 06:23AM PST
http://devx.experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20150649
Forcing Sound Feedback, feeding certain computer output to line in terminal Date: 09/24/2001 11:04AM PST
http://devx.experts-exchange.com/jsp/qShow.jsp?ta=visualbasic&qid=20187101

Anthony
0
Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

 

Author Comment

by:willa2
ID: 6857737
Right, it's an Access Database, (Access 97), using VB6. I got a Data Control thingy, and I try and set the recordsource for that control to this:

Data2.RecordSource = "SELECT * FROM names Where ID=" & Data1.Recordset.Fields("ID") & " AND name='" & searchname & "'"

Note that Data1.recordset.Fields("ID") is just an external thing, and you can take it to be '1'. So basing it on this fact, why does the following SQL statement produce a syntax error:

"SELECT * FROM names Where ID=1 AND name='|'"

I know it aint the ID thing cause it works fine without the name thing at end. How do I fix this? Do I have to download some sorta service pack?


0
 
LVL 75

Accepted Solution

by:
Anthony Perkins earned 100 total points
ID: 6857957
"Names" is a reserved keyword, you may want to change your SQL statement to:

SELECT * FROM [names] Where ...

Anthony
0
 

Author Comment

by:willa2
ID: 6862003
Nope, still no work
0
 
LVL 49

Expert Comment

by:DanRollins
ID: 7618163
Hi willa2,
It appears that you have forgotten this question. I will ask Community Support to close it unless you finalize it within 7 days. I will ask a Community Support Moderator to:

    Accept acperkins@devx's comment(s) as an answer.

willa2, if you think your question was not answered at all or if you need help, just post a new comment here; Community Support will help you.  DO NOT accept this comment as an answer.

EXPERTS: If you disagree with that recommendation, please post an explanatory comment.
==========
DanRollins -- EE database cleanup volunteer
0
 
LVL 1

Expert Comment

by:kodiakbear
ID: 7665502
Moving to the paq

kb
Experts Exchange Moderator
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There is an easy way, in .NET, to centralize the treatment of all unexpected errors. First of all, instead of launching the application directly in a Form, you need first to write a Sub called Main, in a module. Then, set the Startup Object to th…
If you haven’t already, I encourage you to read the first article (http://www.experts-exchange.com/articles/18680/An-Introduction-to-R-Programming-and-R-Studio.html) in my series to gain a basic foundation of R and R Studio.  You will also find the …
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question