Include Single Quote

Hi alll,
I have a query like this..
WITH t AS (
SELECT 'GreatkannAd' colnm FROM dual
UNION ALL
SELECT 'Greatka' FROM dual
UNION ALL
SELECT 'GreatKaNNa' FROM dual
SELECT 'SELECT * from yourtable_name' ||' '|| 'where columnname like' ||' '||'%'||colnm||'%' from t The output am getting is
SELECT * from yourtable_name where columnname like %GreatkannAd%
SELECT * from yourtable_name where columnname like %Greatka%
SELECT * from yourtable_name where columnname like %GreatKaNNa%But my requirement is to include single quote (') before beginning and end of each string .
Output required is
SELECT * from yourtable_name where columnname like '%GreatkannAd%'
SELECT * from yourtable_name where columnname like '%Greatka%'
SELECT * from yourtable_name where columnname like '%GreatKaNNa%'Regards,
achyut
Edited by: Achyut K on Jan 10, 2011 4:38 AM

try
WITH t AS (
SELECT 'GreatkannAd' colnm FROM dual
UNION ALL
SELECT 'Greatka' FROM dual
UNION ALL
SELECT 'GreatKaNNa' FROM dual
SELECT 'SELECT * from yourtable_name' ||' '|| 'where columnname like' ||' '||'''%'||colnm||'%''' from t
Nimish Garg
http://nimishgarg.blogspot.com/

Similar Messages

Having a single quote in command line

I have a simple script that changes the permissions on directories. Just a series of chmods. The script is created by a FileMaker database (cos that maintains the list of folders i need to create for projects) and some of the pathnames include single quotes.
The ' is of course a no-no on command, so is there a way to escape it? \' does not seem to work.

If this is an AppleScript you need to double-escape the quote character to get it to work in the shell. The same may be true for Filemaker scripts.
do shell script "chmod 755 /path/to/filename\\'with\\ escaped\\ chars"
The first one tells AppleScript to escape the next character, so the second \ gets passed to the shell. The shell then interprets the \ to escape the single quote, space, or whatever character comes next.
Without the double-escaping, AppleScript sees the first \ and passes the single quote to the shell which gets confused.

REGEXP_LIKE help with literal single-quote

I'm trying to write a check constraint to validate email addresses that may include an apostrophe in the email address. Such as joe.o'[email protected] Here is my sample setup:
create table emails
( email_address varchar2(150)
insert into emails values('[email protected]') ;
insert into emails values('[email protected]') ;
insert into emails values('joey.o''[email protected]') ;
commit;
sql> select * from emails;
EMAIL_ADDRESS
[email protected]
[email protected]
joey.o'[email protected]
alter table emails add constraint email_address_format_ck
CHECK ( REGEXP_LIKE ( email_address, '^[a-z0-9._%-]\'?+@[a-z0-9._%-]+\.mil$','c'));
ERROR at line 2:
ORA-00911: invalid characterIt doesn't like *\'?*
My understanding is this means one or more single-quotes. Anyone know the correct syntax to accept apostrophes?

Hi,
jimmyb wrote:
... insert into emails values('joey.o''[email protected]') ;
That's the correct way (actually, that's one correct way) to include a single-quote in a string literal: use 2 single-quotes in a row.
... alter table emails add constraint email_address_format_ck
CHECK ( REGEXP_LIKE ( email_address, '^[a-z0-9._%-]\'?+@[a-z0-9._%-]+\.mil$','c'));Here, the 2nd argument to REGEXP_LIKE is a string literal, just like 'joey.o''[email protected]' was a string literal.
To include a single-quote in the middle of this string literal, do the same thing you did before: use 2 of them in a row:
CHECK ( REGEXP_LIKE ( email_address, '^[a-z0-9._%''-]+@[a-z0-9._%-]+\.mil$','c'));There were a couple of other problems, too.
I'm sure you meant for the apostrophe to be inside the square brackets. Inside square brackets, \ does not function as an escape character. (Actually, single-quote has no special meaning in regular expressions, so there's no need to escape it anyway.)
I'm not sure what the '?' mark was doing; I left it out.
Of course, you'll have trouble adding the CHECK constraint if any existing rows violate it.
Edited by: Frank Kulash on Feb 10, 2012 6:52 PM

Update with a Single Quote value

how do i update a field containing a sigle quote in a record ?
e.g :
i have a table s_order_item_xa
filed: attr_name
old value: Noofndk
new value: Noofn's
how can i update above field value? i am using row_id in where condition to identify rows which i want to update.

Hi,
Is the question "How can I include a single-quote character in a string literal?", then the answer is to use 2 of them, like this:
UPDATE books
SET     dewey_num = '291''.4'
WHERE   dewey_num = '291.4'
;In Oracle 10 (and up) you can also use Q-notation. For example:
UPDATE books
SET     dewey_num = Q'[291'.4]'
WHERE   dewey_num = '291.4'
;Edited by: Frank Kulash on Sep 14, 2009 9:51 AM

Single quote used with in text data renders to inalid display

I have the following text snipit that is coming from an Oracle database column: ...did not include 'special decontamination'. New ...
I am putting this into a pretty standard text object. When the report is previewed and subsequently printed as a PDF each single quote is transformed to the text string &_#_3_9_; code (without the underscores). This also occurs for quotation marks appearing as &_q_u_o_t_; and ampersands appearing as &_;_a_m_p_;
I've tried changing the text interpretation property from none to rtf and, with a refresh, nothing changed. It is hard for me to believe that no one else has seen this but since you can not search the forum for this string (as it converts it to the single quote) may not one has asked.
Thanks in advance.

Hi Don,
The CLOB would do it.
Not sure there is a way around this aside from how you've already been dealing with it.
To simply your formula a bit, you don't need to do a loop just have it check for each of the tags like:
stringVar TempText := {PPR_Main.CONCERNS};
TempText := Replace (TempText, '&_#_3_9_;', "'") ;
TempText := Replace (TempText, '&_;_a_m_p_', "&") ;
TempText := Replace (TempText, '&_q_u_o_t_;', '"') ;
TempText
I agree though that there may be other tags added later on based on other characters so it could be infinite. Try the common characters like Exclamation and Question marks.
Good luck,
Brian

Data model: single quote in default parameter value

Hello,
when I assign a default value to a parameter in my Data model, which includes a single quote (i.e. "It's a default value"), then the single quote is escaped with a backslash (i.e. "It\'s a default value") when I open the report associated with the data model. How can I get rid of the escape character when opening a report?
Regards,
Jure

Hi Yogini,
Thanks for your reply.
When the customer name is selected, discoverer reports automatically enclose the customer names in single quotes. like 'ABC LTD', 'ABC's INC',
I know how to change this single quote format. Also we don't want user to change the parameter selection criteria once selected.
Also related to double quotes isn't it doubles are treated as column names in the SQL query and can not be used for any other purpose.
Apologies, I haven't tried this but I think it will not work. Have you tried this with discoverer viewer.
As mentioned intrusting things is when a customer name with single quote is selected in discoverer Plus it automatically formats the filter criteria to look like ['ABC LTD', 'ABC''s INC'] but this thing doesn't happen in viewer.
I think this is a bug in discoverer viewer and think there must be some patch available to correct this problem.
Sorry, don't have a solution yet but will certainly update the thread once I get the solution.
Also please keep looking for a solution and let me know as well.
Thanks a lot in advance.
Best Regards,
Manish

Embedded Single Quote in SQL Column truncates Java String

I have a jsp web page that queries a database to see what day a user is registered for and then produces an URL for the user to click on. My problem is that the URL being processed stops when an embedded single quote is encountered.
Here is the database side:
Database side:
Create Table registration
(reg_id int not null,
name varchar2(45) not null,
day_nb int not null);
Insert into registration
(reg_id, name, day_nb)
values (1043,'Johnny''s Diner', 1);
Select name, day_nb from registration
where reg_id = 1043;
name, day_nb
Johnny's Diner 1
Snippet of relevant java code: (JSP page)
<%
int day_nb = rs.getInt("day_nb");
String particpant_name = rs.getString("name");
System.out.println("registration.jsp: particpant_name = " + particpant_name);
%>
<td width="84%">
     <a
     href='<%=response.encodeURL("registrationHandler.jsp?"particpant_name="+ particpant_name + "&day_nb="+ day_nb)%>'><%=particpant_name%>
                              </a>
                         </td>
{code}
The following is printed to System.Out:
registration.jsp: particpant_name = Johnny's Diner
The code produces the following URL
http://www.mycompany.com/registrationHandler.jsp?particpant_name=Johnny
The response.encodeURL is stopping on the single quote contained in "Johnny's Diner"
The URL I want is:
http://www.mycompany.com/registrationHandler.jsp?particpant_name=Johnny's Diner&day_nb=1
How do I account for the embedded single quote so the code works properly? Thanks In Advance!

You really need to read up on [SQL Injection|http://en.wikipedia.org/wiki/SQL_injection] and [XSS/Cross-Site Scripting|http://de.wikipedia.org/wiki/Cross-Site_Scripting]. Both present massive security problems and your code seems prone to easily producing both.
For SQL Injection attacks the correct solution is to always use PreparedStatements with only hard-coded String (i.e. never use String concatenation to build SQL statements).
For XSS attacks the solution is a bit harder, but basically you need to learn never to trust user input (that includes user input that you've previously stored in the database!) and always escape what the user sent when you print it back out.

Single quote ' in output difficulty

I'm trying to output a single quote, then a value, but I'm having trouble. Any solutions?
I've tried using '', ''', '(...)'.
    tabFIELD = 'tab-field'.
          varVALUE = 'CCC'.
          CONCATENATE cond
                    tabfield
                    'EQ'
                    <b>''varVALUE''</b>
                    INTO cond SEPARATED BY SPACE.
when using ''varVALUE'' my output is just CCC.
when using '''varVALUE''' my output is 'varVALUE'.
when using 'varVALUE' my output is just CCC.
when I try '''(varVALUE)''' my output is '(varVALUE)'.
I want 'CCC'.
Anybody know the solution? please help.
N L

To use a single quote you need to double it. Try:
'''varVALUE'''
Since varValue is a variable, try:
'''' varvalue ''''
in your concatentation.
If you want no spacing, then you might need to put the last bit of code above in its own concatentation without seperating by space, then include that in final concatenation.
Let us know how it goes.
Message was edited by: Charles Folwell
Message was edited by: Charles Folwell

Copying a table with the right-click menu in schema browser fails to copy comments when string has single quote(s) (ascii chr(39))

Hi,
I'm running 32-bit version of SQL Developer v. 3.2.20.09 build 09.87, and I used the built in context menu (right-clicking from the schema browser) today to copy a table. However, none of the comments copied. When I dug into the PL/SQL that the menu-item is using, I realized that it fails because it doesn't handle single quotes within the comment string.
For example, I have a table named WE_ENROLL_SNAPSHOT that I wanted to copy as WE_ENROLL_SNAPSHOT_V1 (within same schema name)
1. I right-clicked on the object in the schema browser and selected Table > Copy...
2. In the pop-up Copy window, I entered the new table name "WE_ENROLL_SNAPSHOT_V1" and ticked the box for "Include Data" option. -- The PL/SQL that the menu-command is using is in the "SQL" tab of this window. This is what I extracted later for testing the issue after the comments did not copy.
Result: Table and data copied as-expected, but no column or table comments existed.
I examined the PL/SQL block that the pop-up window issued, and saw this:
declare
l_sql varchar2(32767);
c_tab_comment varchar2(32767);
procedure run(p_sql varchar2) as
begin
     execute immediate p_sql;
end;
begin
run('create table "BI_ETL".WE_ENROLL_SNAPSHOT_V1 as select * from "BI_ETL"."WE_ENROLL_SNAPSHOT" where '||11||' = 11');
select comments into c_tab_comment from sys.all_TAB_comments where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT' and comments is not null;
run('comment on table BI_ETL.WE_ENROLL_SNAPSHOT_V1 is '||''''||c_tab_comment||'''');
for tc in (select column_name from sys.all_tab_cols where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT')
    loop
   for c in (select comments from sys.all_col_comments where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT' and column_name=tc.column_name)
   loop
   run ('comment on column BI_ETL.WE_ENROLL_SNAPSHOT_V1.'||tc.column_name||' is '||''''||c.comments||'''');
end loop;
end loop;
EXCEPTION
WHEN OTHERS THEN NULL;
end;
The string of the table comment on WE_ENROLL_SNAPSHOT is this:
WBIG table of frozen, point-in-time snapshots of Enrolled Students by Category/term/pidm. "Category" is historically, and commonly, our CENSUS snapshot; but, can also describe other frequencies, or categorizations, such as: End-of-Term (EOT), etc. Note: Prior to this table existing, Census-snapshots were stored in SATURN.SNAPREG_ALL. All FALL and SPRING term records prior-to-and-including Spring 2013 ('201230') have been migrated into this table -- EXCEPT a few select prior to Fall 2004 (200410) records where there are duplicates on term/pidm. NO Summer snapshots existed in SNAPREG_ALL, but were queried and stored retroactively (including terms prior to Spring 2013) for the purpose of future on-going year-over-year analysis and comparison.
Note the single quotes in the comment: ... ('201230')
So, in the above PL/SQL line 11 grabs this string into "c_tab_comment", but then line 12 fails because of the single quotes. It doesn't know how to end the string because the single quotes in the string are not "escaped", and this messes up the concatenation on line 12. (So, then no other column comments are created either because the block throws an error, and goes to line 22 for the exception and exits.)
When I modify the above PL/SQL as my own anonymous block like this, it is successful:
declare
c_tab_comment VARCHAR2(32767);
begin
SELECT REPLACE(comments,chr(39),chr(39)||chr(39)) INTO c_tab_comment FROM sys.all_TAB_comments WHERE owner = 'BI_ETL'   AND table_name = 'WE_ENROLL_SNAPSHOT' AND comments IS NOT NULL;
EXECUTE IMMEDIATE 'comment on table BI_ETL.WE_ENROLL_SNAPSHOT_V1 is '''||c_tab_comment||'''';
for tc in (select column_name from sys.all_tab_cols where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT')
    loop
   for c in (select REPLACE(comments,chr(39),chr(39)||chr(39)) comments from sys.all_col_comments where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT' and column_name=tc.column_name)
   loop
   EXECUTE IMMEDIATE 'comment on column BI_ETL.WE_ENROLL_SNAPSHOT_V1.'||tc.column_name||' is '||''''||c.comments||'''';
end loop;
end loop;
EXCEPTION
WHEN OTHERS THEN NULL;
end;
On lines 4 and 8 I wrapped the "comments" from sys.all_tab_comments and sys.all_col_comments with a replace command finding every chr(39) and replacing with chr(39)||chr(39). (On line 8 I also had to alias the wrapped column as "comments" so line 10 would succeed.)
Is this an issue with SQL Developer? Is there any chance that the menu-items can handle single quotes in comment strings? ... And, of course this makes me wonder which other context menu commands in the tool might have a similar issue.
Thoughts?
thanks//jacob

PaigeT wrote:
I know about quick drop, but it isn't helpful here. I want to be able to right click on a string or array wire, navigate to the string or array palette, and select the corresponding "Empty?" comparator. In this case, since I do actually know where those functions live, and I'm already using my mouse to right click on the wire, typing ctrl-space to open quick drop and then typing in the function name is actually more work than navigating to it in the palette. It would just be nice to have it on hand in the location I naturally go to look for it the first time.
I don't agree with this work flow. Right hand on mouse, left hand on home keys. Pressing CTRL + Space is done with the left hands, and then you could assign "ea" to "Empty Array" both of which is accessible with the left hand. Darren posted a bunch of great shortcuts for the right handed developer.
https://decibel.ni.com/content/docs/DOC-20453
This is much faster than waiting for any right click menu navigation, even if it is found in the suggested subpalette.
Unofficial Forum Rules and Guidelines - Hooovahh - LabVIEW Overlord
If 10 out of 10 experts in any field say something is bad, you should probably take their opinion seriously.

SQL*Loader and data enclosed by single quotes

Hello,
I need to migrate some data from Sybase to Oracle. Can't use the Migration Workbench because this is Sybase's SQL Anywhere product. We are therefore trying to load via SQL*Loader.
Sybase outputs its data into text files and encloses it with single quotes, like:
'ABC123',
'UR94LL',
'7YUHII'
We are running into a problem because we cannot figure out how to use the OPTIONALLY ENCLOSED BY parameter with single quotes. If we just use the FIELDS TERMINATED BY parameter, then the entire string, including the quotation marks, gets loaded into the Oracle table. This causes bad records to be created when the data is exactly the length of the column width - the two quotation markss make the field longer than is allowed in the table. Plus - the data shouldn't have quotes around it in normal situations.
We can do 'Find and Replace' to replace the single quotation marks with double quotations, but some of the Sybase tables are huge, and we'd like to avoid having to open and edit them. However, if this is the only way to go, then we'll have to use it. I just wondered whether anyone had run into this before and been able to solve it.
Thanks.
-melissa

We are running into a problem because we cannot figure out how to use the OPTIONALLY ENCLOSED BY parameter with single quotesTry
OPTIONALLY ENCLOSED BY X'27'http://download-uk.oracle.com/docs/cd/B10501_01/server.920/a96652/ch06.htm#1015083

How to update row when data contains single quote ?

Hi,
Please see this query:
update query_tab set title='It's common knowledg' where
id='1121';I have this update query coming from .NET, but abviously this is error since single quote in the text (title column) given by user gives wrong meaning to sql parser. So, how to solve this problem ?
Edited by: bootstrap on Dec 25, 2010 9:53 AM

Hi,
To include a single-quote in a string literal, use two of them in a row:
update      query_tab
set      title     = 'It''s common knowledge'
where      id     = '1121';The method above works in any version of Oracle.
Starting in Oracle 10, you can also use Q-notation, like this:
update      query_tab
set      title     = Q'[It's common knowledge]'
where      id     = '1121';For details, look up "Text Literals" in the SQL Language manual:
http://download.oracle.com/docs/cd/B28359_01/server.111/b28286/sql_elements003.htm#sthref337

ReplaceAll() single quotes to double quotes

i've been trying to use the replaceAll() method to change single
quotes in a document to double quotes. All my attempts have
failed.
Thanks in advance,
Enaknonnel

Sorry, I was terse in my first post, but since you are just replacing one char
with another, using replaceAll is overkill -- it is meant to take a regular expression
search string. So keep it simple and use replace. I think you may have
chosen replaceAll because of that reassuring "All" in its name, but do check
the API: method replace replaces all occurrences.
One more thing: posting something like "All my attempts have failed" is itself
a failure. It tells us nothing concrete. A better post would have included
a short example program that was your best attempt.

WLS 9.2: JSP error when attribute enclosed in double vs single quote

Hi all,
          We are trying to deploy a WAR file on WLS 9.2 on a Unix box. This app uses Struts, and does not use any app-server specific extensions/tags etc. We run into JSP compilations errors when we try to deploy as well as when we run weblogic.appc on the WAR. The errors are generally the same type..."This attribute is not recognized" for multiple Tags that are used...not just Struts tags, but even plain vanilla <jsp:include tags...liks so:
          LookupPO.jsp:102:72: This attribute is not recognized.
          <jsp:include flush="true" page="
          <%=(String)request.getAttribute("selectTile")%>"/>
          ^--------^
          However, if we just change the same tag to use single quotes for attribute values, like so:
          <jsp:include flush="true" page='
          <%=(String)request.getAttribute("selectTile")%>'/>
          then it works fine.
          What throws me off is that these tags in the same double-quoted format work well on other servers such as Sun Java System.
          Changing the double to single quotes for every single tag in our applications 600-odd JSPs will be a huge burden...is there any other way?
          Any help is sincerely appreciated.
          Thanks,
          Vik.
          Edited by vshevde at 03/26/2008 9:09 AM

quote:
Originally posted by:
joeG
Ok I see what you mean, actually the insert in that fashion
with MySQL still puts the data in normalized, its just in one
statement. From the docs:
INSERT statements that use VALUES syntax can insert multiple
rows. To do this, include multiple lists of column values, each
enclosed within parentheses and separated by commas. Example:
INSERT INTO tbl_name (a,b,c) VALUES(1,2,3),(4,5,6),(7,8,9);
thanks for the response.
Oh, that's what you meant. See what happens when you get old,
you go blind.
I have two suggestions. First, keep trying with cfqueryparam.
I don't use it that often myself because the db I work with doesn't
support it, but, I think it has a list attribute.
Second, what you are attempting, a loop within a query, is
intuitively more efficient than putting your query inside a loop.
This is something I have tested and what I found is that the most
efficient approach depends on the db. I did not test MySQL, but I
suggest you do. The gettickcount() function is handy for these
sorts of tests.

SSAS SSRS Report Action on Cell Value w/ Embedded Single Quote Not Executing

I have configured an SSAS 2008 R2 cube SSRS ReportAction. I'm having problems when the member value for a cell has an embedded single quote, e.g. abc's. The action displays on the context menu appropriately, but when I click on the action, nothing happens.
For member values that do not have the single quote, the action works as designed. I've added a calculated ember to escape the embedded single quote by adding another single quote, e.g. abc''s, with no luck. Is there a resolution or workaround for this?

Hi Mdccuber,
According to your description, you create a reporting action in you cube, and it works fine except the members that have embedded single quote, right? In your scenario, it seems that you pass this value to the report as the parameter.
In SQL Server Analysis Services (SSAS), when pass values to a report, multi-select parameters have to be placed into IN statement and SQL Server Reporting Services (SSRS) will do single-quote wrapping for string values automatically. In this case, the original
value that have embedded single quote will be damaged. So this action not work. You can submit a feedback at
http://connect.microsoft.com/SQLServer/Feedback and hope it is resolved in the next release of service pack or product.
Regards,
Charlie Liao
TechNet Community Support

How can I will declare the symbol u2018 (Single Quote) in the report

Hi ,
Could you please tell me how can I will declare the symbol u2018 (Single Quote) in the report.
My requirement is that I have concate the data with single quote and after that I have to store the data in to an internal table and I have to download the data in the form text file in the presentation server.
For example :
Let the below data I want to download into the presentation serve in the format of text file by storing in internal table.
Assume all are constants:
1st line : abcu2019add
2nd line : defu2019gef
Thanks in advance.

Hi Jyothi,
Thanks for the quick reply .
I can agree with you are point but My requirement is like this I am explaining clearly.
I have declared the internal table like this.
DATA: BEGIN OF OTAB OCCURS 0,
LINE (9024),
END OF OTAB.
So I have to append the each line item into the internal table.
So I am explaining what the data I have to append
Ist line contains
'UNBUNOC:2020308u2019 where 020308 I will get the date from reguh table
2nd line contains:
'DTM+20020510' where the 20020510 will be reference document number from the table reguh.
So I want to declare a constant 'UNBUNOC:2
2nd the date from reguh table
And another constant u2018
So that I can concate all the three and I can put into string and I will append into internal table and I can download the data into the presentation server.
Please let me know if you need any more clarification regarding my requirement.
Thanks in advance.

Include Single Quote

Similar Messages

Maybe you are looking for