Solved

C# single quoting a dynamical sql statement.

Posted on 2016-10-19
4
55 Views
Last Modified: 2016-10-23
I am maintaining some C# code. The code builds a dynamic query. I noticed that an effort is put twords putting single quotes around
the value passed for the parameter. See below as an example where chosen.Option is single quoted. Can someone tell me what the
rule is that applies to single quoting dynamic queries? When is it necesary to surround the variable with single quotes?

queryString = "BEGIN EXEC sprGetVarData @NAME= '"  + chosen.Option +  "'";
0
Comment
Question by:brgdotnet
4 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 251 total points
ID: 41851390
Values in SQL queries always have to be quoted in my experience.  MySQL will allow you to use single or double quotes.  But the double quotes for your string require either single quotes or escaping double quote.  Single quotes are usually used because they are slightly easier than escaping a lot of double quotes.
0
 
LVL 51

Assisted Solution

by:Ryan Chong
Ryan Chong earned 83 total points
ID: 41851398
you should use a Command object to call your stored procedure in which for your Command object, you adding a Parameter with its value. Since you adding it as a value, it will handle the single quote issue for you.

you can share your existing codes here if necessary.
0
 
LVL 44

Assisted Solution

by:AndyAinscow
AndyAinscow earned 83 total points
ID: 41851570
You will usually use quotes (single or double) for string values, especially if there is a space in the value.

x = hello world
means x is assigned the value hello and then the compiler will inform you it doesn't know what world means.
0
 
LVL 28

Assisted Solution

by:Pawan Kumar
Pawan Kumar earned 83 total points
ID: 41852832
You add single quotes if you are passing a string value to a stored procedure so the parameters would be of type Varchar or NVarchar.

SQL Server interprets single quote as a string value.

Specific to your case you are passing Name from the option list, so that will be a string value as Name cannot of type int/float/bit/etc.


Hope it helps.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question