Auto Escape characters
Is there a flag in MYSQL to automatically escape special characters like single quotes with a backslash? Instead of using a C API or PHP addslashes() funciton for each field I'd need to escape? Thanks, Scott. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Auto Escape characters
Scott Klarenbach wrote: Is there a flag in MYSQL to automatically escape special characters like single quotes with a backslash? Instead of using a C API or PHP addslashes() funciton for each field I'd need to escape? I don't think you've thought that through completely. How would MySQL know which quotes you intended to escape? If what you're asking for were possible, there'd be no need for escaping in the first place. -- Keith Ivey [EMAIL PROTECTED] Smokefree DC http://www.smokefreedc.org Washington, DC -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Auto Escape characters
Haha! Great point. I guess it's time for me to call it a day and get some sleep :-). Thanks, Scott. On Tue, 08 Mar 2005 18:23:24 -0500, Keith Ivey [EMAIL PROTECTED] wrote: Scott Klarenbach wrote: Is there a flag in MYSQL to automatically escape special characters like single quotes with a backslash? Instead of using a C API or PHP addslashes() funciton for each field I'd need to escape? I don't think you've thought that through completely. How would MySQL know which quotes you intended to escape? If what you're asking for were possible, there'd be no need for escaping in the first place. -- Keith Ivey [EMAIL PROTECTED] Smokefree DC http://www.smokefreedc.org Washington, DC -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
query with escape characters
Hi, How can I make a query that looks for a city that has a ' in the name? For instance, I am looking for the name S'ARENAL, but the query below does not work: SELECT intl_localidades.id, intl_localidades.codigo_pais, intl_localidades.localidad_es,intl_zonas.zona,intl_paises.pais_es FROM intl_localidades INNER JOIN intl_zonas ON (intl_localidades.codigo_zona = intl_zonas.id) INNER JOIN intl_paises ON (intl_zonas.codigo_pais = intl_paises.id) INNER JOIN intl_province_mapping ON (intl_localidades.id = intl_province_mapping.location_code) WHERE ((intl_province_mapping.provider_code = 25) and (intl_province_mapping.provider_city_code = 'S\'ARENAL')) Diana Castillo Global Reservas, S.L. C/Granvia 22 dcdo 4-dcha 28013 Madrid-Spain Tel : 00-34-913604039 Fax : 00-34-915228673 email: [EMAIL PROTECTED] Web : http://www.hotelkey.com http://www.destinia.com
Re: query with escape characters
Hi, How can I make a query that looks for a city that has a ' in the name? For instance, I am looking for the name S'ARENAL, but the query below does not work: SELECT intl_localidades.id, intl_localidades.codigo_pais, intl_localidades.localidad_es,intl_zonas.zona,intl_paises.pais_es FROM intl_localidades INNER JOIN intl_zonas ON (intl_localidades.codigo_zona = intl_zonas.id) INNER JOIN intl_paises ON (intl_zonas.codigo_pais = intl_paises.id) INNER JOIN intl_province_mapping ON (intl_localidades.id = intl_province_mapping.location_code) WHERE ((intl_province_mapping.provider_code = 25) and (intl_province_mapping.provider_city_code = 'S\'ARENAL')) Hi there , i've had a similar issue in mysql4 fulltext match against search, a something like chris's wouldnt come up ! you may have to split at the quote and then join it together , i'd be interested how you go i think a like will pick it up some LIKE %S'ARNEL% should pick it up -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: query with escape characters
It depends on what language you are using to send the query. If you are using the shell, 'S\'ARENAL' parses to 'S'ARENAL' before it is sent to the server. You will need to escape the escape character. 'S\\'Arenal' or maybe even 'S\\\'Arenal' or 'S'ARENAL' It depends on how many parsers scan the string before it gets sent on to the server. If you are using perl or PHP use the quoting functions provided. Diana Castillo wrote: Hi, How can I make a query that looks for a city that has a ' in the name? For instance, I am looking for the name S'ARENAL, but the query below does not work: SELECT intl_localidades.id, intl_localidades.codigo_pais, intl_localidades.localidad_es,intl_zonas.zona,intl_paises.pais_es FROM intl_localidades INNER JOIN intl_zonas ON (intl_localidades.codigo_zona = intl_zonas.id) INNER JOIN intl_paises ON (intl_zonas.codigo_pais = intl_paises.id) INNER JOIN intl_province_mapping ON (intl_localidades.id = intl_province_mapping.location_code) WHERE ((intl_province_mapping.provider_code = 25) and (intl_province_mapping.provider_city_code = 'S\'ARENAL')) Diana Castillo Global Reservas, S.L. C/Granvia 22 dcdo 4-dcha 28013 Madrid-Spain Tel : 00-34-913604039 Fax : 00-34-915228673 email: [EMAIL PROTECTED] Web : http://www.hotelkey.com http://www.destinia.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Escape characters
At 20:38 -0700 4/21/04, John Mistler wrote: I could be much clearer: I understand the backtick character, when used on either side of a string i.e. `Hello there` will allow the string to be accessed as one unit, even though there is a space in it. Also, it will allow for `Hello-there` to be accessed as one unit. What I am wondering is, will the backtick allow for all of the other non-alphanumeric characters such as `Hellothere` and `Hello/there` and `Hello*there` to be accessed as one unit. Or will some of these characters cause an error? I can't find a solid answer on-line or in the manual. Sorry for the ambiguity. Thanks, John I don't see what this has to do with variables, which you referred to in the original message (below). Also, it's still unclear what is the context in which you want to use backticks. I'm going to guess that what you're asking about is how to quote identifiers in SQL statements. If that's the case, then you want to read the section in the MySQL manual that discusses legal identifiers: http://dev.mysql.com/doc/mysql/en/Legal_names.html If that's not what you're asking about, my apologies. on 4/21/04 6:46 PM, Paul DuBois at [EMAIL PROTECTED] wrote: At 13:38 -0700 4/21/04, John Mistler wrote: When issuing commands through the terminal (in Mac OS 10.3) to MySQL, I understand that if you surround a variable with \\` it will allow for characters such as - and space. Will it also allow for all other non-alphanumeric characters such as / and * and , etc.? I am confused by this message. For example: The Mac OS X Terminal program doesn't speak to MySQL. MySQL client programs speak to the MySQL server. What kind of variable are you referring to? What does it mean to surround a variable with \\`? What do you mean by allow for characters such as - and space? The variable will allow for - and space? Maybe you could be more specific about what it is that you're trying to accomplish. -- Paul DuBois, MySQL Documentation Team Madison, Wisconsin, USA MySQL AB, www.mysql.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Escape characters
When issuing commands through the terminal (in Mac OS 10.3) to MySQL, I understand that if you surround a variable with \\` it will allow for characters such as - and space. Will it also allow for all other non-alphanumeric characters such as / and * and , etc.? Thanks, John -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Escape characters
Wouldn't it be faster to simply try this than wait on people here to notice your question and write a reply? Have you checked the manual? It may answer your question too Rhino - Original Message - From: John Mistler [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, April 21, 2004 4:38 PM Subject: Escape characters When issuing commands through the terminal (in Mac OS 10.3) to MySQL, I understand that if you surround a variable with \\` it will allow for characters such as - and space. Will it also allow for all other non-alphanumeric characters such as / and * and , etc.? Thanks, John -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED] -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
Re: Escape characters
At 13:38 -0700 4/21/04, John Mistler wrote: When issuing commands through the terminal (in Mac OS 10.3) to MySQL, I understand that if you surround a variable with \\` it will allow for characters such as - and space. Will it also allow for all other non-alphanumeric characters such as / and * and , etc.? I am confused by this message. For example: The Mac OS X Terminal program doesn't speak to MySQL. MySQL client programs speak to the MySQL server. What kind of variable are you referring to? What does it mean to surround a variable with \\`? What do you mean by allow for characters such as - and space? The variable will allow for - and space? Maybe you could be more specific about what it is that you're trying to accomplish. -- Paul DuBois, MySQL Documentation Team Madison, Wisconsin, USA MySQL AB, www.mysql.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
escape characters
Hello everyone! I have an SQL insert statement that contains ' symbols in it, however as I use the ' symbol to denote the differences between columns in the VALUES(...) part, I was wondering if there was another way of doing it so I could include more characters like ' in the statment, a sample would look something like this: INSERT INTO parts VALUES('val1', 'val2', 'val3') if I did something like: INSERT INTO parts VALUES('val1', 'bob's value', 'val3') it would die, is there anyway to make that valid, like doing a \' instead of just '? Theodore Morse -- Theodore Morse CIHOLAS Enterprises [EMAIL PROTECTED] - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: escape characters
Yes... You can just use \' to denote single quotes.. See: http://www.mysql.com/doc/S/t/String_syntax.html Gurhan - Original Message - From: Theodore Morse [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 20, 2002 11:48 AM Subject: escape characters Hello everyone! I have an SQL insert statement that contains ' symbols in it, however as I use the ' symbol to denote the differences between columns in the VALUES(...) part, I was wondering if there was another way of doing it so I could include more characters like ' in the statment, a sample would look something like this: INSERT INTO parts VALUES('val1', 'val2', 'val3') if I did something like: INSERT INTO parts VALUES('val1', 'bob's value', 'val3') it would die, is there anyway to make that valid, like doing a \' instead of just '? Theodore Morse -- Theodore Morse CIHOLAS Enterprises [EMAIL PROTECTED] - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Removing all escape Characters?
Hi, I am currently trying to hack some coldfusion code into submission, and success grows closer and closer by the minute. But what would make my life INFINITELY easier would be to be able to disable all escape characters in varchars and other similar column types. Basically I am porting from a Microsoft sql server environment over to mysql and i deal with alot of \'s. I'm processing it all with coldfusion and i can't find a good coldfusion function like there was in php to make all the inserts safe (i dont remember the function name, but it automatically \\'d the \'s etc.). So I need either 1. a flag that i have yet to find to turn off escape characters completely 2. a coldfusion function to make the sql statements safe. Thanks David Berndt - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Removing all escape Characters?
2. a coldfusion function to make the sql statements safe. You only have to escape like 3 characters. ', , and \. You could just do 3 string replacements or create your own function to perform 3 string replacements. Chris - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Removing all escape Characters?
Problem with this unfortunately though is that i have probably 100+ sql queries spread over several hundred cfm pages to find and change. Plus if i ever want to go back to ms sql i have to switch them all back again. Dave At 05:07 PM 11/19/2001 -0500, you wrote: 2. a coldfusion function to make the sql statements safe. You only have to escape like 3 characters. ', , and \. You could just do 3 string replacements or create your own function to perform 3 string replacements. Chris - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Removing all escape Characters?
So, then even if you make a quote function that's too much work? On Monday 19 November 2001 03:21 pm, berndt wrote: Problem with this unfortunately though is that i have probably 100+ sql queries spread over several hundred cfm pages to find and change. Plus if i ever want to go back to ms sql i have to switch them all back again. Dave At 05:07 PM 11/19/2001 -0500, you wrote: 2. a coldfusion function to make the sql statements safe. You only have to escape like 3 characters. ', , and \. You could just do 3 string replacements or create your own function to perform 3 string replacements. Chris - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php