• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1491
  • Last Modified:

Any OCI API that can escape chars like ' in SQL...

Hi*!
     I have implemented a module to use the OCI interface for Oracle in C/C++. Sometimes my SQL statement contains chars like ' and while excecuting I get OCI errors. Now I am planning to sort this problem out. Is there any API in OCI like in prel DBI that takes the SQL string and escapes all escapeable chars. Or do i have to write a function in C/C++ my self to parse the SQL statement correctly.
Thanks in advance,
Regards,
Usman.
0
u_riaz
Asked:
u_riaz
  • 2
1 Solution
 
schwertnerCommented:
Normally you have to use two ' characters to represent ' in the SQL. OCI has to accept this way of passing constants.
0
 
catchmeifuwantCommented:
For eg., if you want select details from DB (with quotes stored) then you need to do :

SQL> insert into emp(empno,ename)
  2  values(999,'Riaz''s');

1 row created.

SQL> commit;

Commit complete.

SQL> select empno,ename from emp
  2  where ename = 'Riaz''s';

     EMPNO ENAME
---------- ----------
       999 Riaz's

SQL>

------------

or use bind variables to handle the data
0
 
u_riazAuthor Commented:
Thanks for the reply. I know how to escape those characters. What i wanted to know is the API or Function in OCI that I can Call something like

char szSQLStmt[256] = "select something from something where something = 'usman's name';"
And i can call some function to escape it e.g.

SomeOCIFunctionIamLookingFor(szSQLStmt);

Now this function does the magic and escapes the SQL String.

Thanks,
Usman.
0
 
catchmeifuwantCommented:
why don't you use bind variables?

char name_buf[100];

select something from something
where something = :name_buf;
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now