Link to home
Start Free TrialLog in
Avatar of u_riaz
u_riaz

asked on

Any OCI API that can escape chars like ' in SQL...

Hi*!
     I have implemented a module to use the OCI interface for Oracle in C/C++. Sometimes my SQL statement contains chars like ' and while excecuting I get OCI errors. Now I am planning to sort this problem out. Is there any API in OCI like in prel DBI that takes the SQL string and escapes all escapeable chars. Or do i have to write a function in C/C++ my self to parse the SQL statement correctly.
Thanks in advance,
Regards,
Usman.
Avatar of schwertner
schwertner
Flag of Antarctica image
Normally you have to use two ' characters to represent ' in the SQL. OCI has to accept this way of passing constants.
Avatar of catchmeifuwant
catchmeifuwant
For eg., if you want select details from DB (with quotes stored) then you need to do :

SQL> insert into emp(empno,ename)
  2  values(999,'Riaz''s');

1 row created.

SQL> commit;

Commit complete.

SQL> select empno,ename from emp
  2  where ename = 'Riaz''s';

     EMPNO ENAME
---------- ----------
       999 Riaz's

SQL>

------------

or use bind variables to handle the data
Avatar of u_riaz
u_riaz

ASKER

Thanks for the reply. I know how to escape those characters. What i wanted to know is the API or Function in OCI that I can Call something like

char szSQLStmt[256] = "select something from something where something = 'usman's name';"
And i can call some function to escape it e.g.

SomeOCIFunctionIamLookingFor(szSQLStmt);

Now this function does the magic and escapes the SQL String.

Thanks,
Usman.
ASKER CERTIFIED SOLUTION
Avatar of catchmeifuwant
catchmeifuwant
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial