Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 531
  • Last Modified:

How to parse SQL containing paired single quotes?

I need to parse strings of the form

SELECT * FROM Table WHERE x='foo', y='foo''bar', z='bar'

and have the following matches returned by regex.split:

'foo', 'foo''bar', 'bar'

I've tried regex ('.*?') to return the quote-delimited strings, but it barfs on the single-quote pair and returns

'foo', 'foo', 'bar', 'bar'

Can someone suggest a way to do this?  Thanks.
0
Extraneus
Asked:
Extraneus
  • 2
  • 2
1 Solution
 
mrjoltcolaCommented:
Yes, don't try to do it with a simple regex. This is something best relegated to traditional parsing. I have written several hundred line SQL parsers and still not approached the full syntax.

If you must, write an explicit parsing routine that handles escaped quotes, etc.

Or,  you can try using the Perl SQL::Statement module. I have used in the past with success.

http://search.cpan.org/~rehsack/SQL-Statement-1.20/lib/SQL/Statement.pm
0
 
numberkruncherCommented:
The following regex can be used to find all literals within your select string:
Pattern:   '([^']|'')*'
 
Input:     SELECT * FROM Table WHERE x='foo', y='foo''bar', z='bar'
 
 
Output on match all:
 
"'foo'"
"'foo''bar'"
"'bar'"

Open in new window

0
 
numberkruncherCommented:
There are no quotes on the output, so just to clarify:
Output on match all (without quotes):
 
'foo'
'foo''bar'
'bar'

Open in new window

0
 
ExtraneusAuthor Commented:
Hey, thanks!  Now I need to figure out how to use regex.matches and match objects, but I see that this works.  Really appreciate it.

Dim RE As Regex = New Regex("'([^']|'')*'", RegexOptions.IgnoreCase)
Dim Matches As MatchCollection = RE.Matches(mySQL)
For Each M As Match In Matches
     response.write(M.toString)
Next

I think I can figure it out from here.

I was using and processing each string in RE.Split(mySQL), which maintained the overall SQL with the new parameters processed.  Unfortunately, this doesn't work with your regex string, but I'll take it!  Thanks a lot!
0
 
ExtraneusAuthor Commented:
Added another comment, explaining that I haven't figure out how to use it yet, because I'm not familiar with regex.matches() yet, but I'm pretty sure I can figure that out.  Thanks a lot!
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now