Issue searching a content with a single quote in title using matches

Similar Messages

• SQL Injection, replace single quote with two single quotes?

  Is replacing a single quote with two single quotes adequate
  for eliminating
  SQL injection attacks? This article (
  http://www.devguru.com/features/kb/kb100206.asp
  ) offers that advice, and it
  enabled me to allow users to search name fields in the
  database that contain
  single quotes.
  I was advised to use "Paramaterized SQL" in an earlier post,
  but I can't
  understand the concept behind that method, and whether it
  applies to
  queries, writes, or both.

  Then you can use both stored procedures and prepared
  statements.
  Both provide better protection than simply replacing
  apostrophes.
  Prepared statements are simple:
  Set myCommand = Server.CreateObject("ADODB.Command")
  ...snip...
  myCommand.CommandText = "INSERT INTO Users([Name], [Email])
  VALUES (?, ?)"
  ...snip...
  myCommand.Parameters.Append
  myCommand.CreateParameter("@Name",200,1,50,Name)
  myCommand.Parameters.Append
  myCommand.CreateParameter("@Email",200,1,50,Email)
  myCommand.Execute ,,128 'the ,,128 sets execution flags that
  tell ADO not to
  look for rows to be returned. This saves the expense of
  creating a
  recordset object you don't need.
  Stored procedures are executed in a similar manner. DW can
  help you with a
  stored procedure through the "Command (Stored Procedure)"
  server behavior.
  You can see a full example of a prepared statement by looking
  at DW's
  recordset code after you've created a recordset using version
  8.02.
  "Mike Z" <[email protected]> wrote in message
  news:eo5idq$3qr$[email protected]..
  >I should have repeated this, I am using VBScript in ASP,
  with an Access DB.
  >

• How to replace double quotes with a single quote in a string ?

  Hi All:
  Can some one tell me how to replace double Quote (") in a string with a single quote (') ? I tried to use REPLACE function, but I couldn;t get it worked.
  My example is SELECT REPLACE('STN. "A"', '"', ''') FROM Dual --This one throws an error
  Thanks,
  Dima.

  Whether it is maybe not the more comfortable way, I like the quoting capabitlity from 10g :
  SQL> SELECT REPLACE('STN. "A"', '"', q'(')') FROM Dual;
  REPLACE(
  STN. 'A'{code}
  Nicoals.                                                                                                                                                                                                                                                                                                                                                                                                                                       

• How to pass presentation variable with enclosing single quotes

  HI All,
  As all of you know in 11g, Presentation variable can hold more than one value.So we can pass multiple values to the report through presentation variable.
  If we select x,y,z values from prompt drop down,then those values will be stored like x,y,z in the presentation variable.
  but I would like to store these values with enclosing single quotes like 'x,y,z'
  The reason is I need to pass this variable value as input to BI Publisher sql dataset query where clause.
  Please share your Ideas.
  Thanks,
  Aravind

  Aravind,
  Check this
  Predefined Presentation Variables in OBIEE 11G | Praveen&amp;#039;s Blog

• Somewhere my "T" key is set as a keyword and everytime I type a t, I have a blank search open up with a tab. Impossible to use for email.

  Somewhere my "T" key is set as a keyword and everytime I type a t, I have a blank search open up with a tab. Impossible to use for email.

  Is it only T? Does pressing N open a new window, and does R reload the page?
  The most likely reason for this is that the CTRL key is held down - see [[Keyboard shortcuts]] for information on what should happen when keys are held down together.
  If a key isn't stuck or being held down, an extension could be the cause. See [[Troubleshooting extensions and themes]] to troubleshoot.

• Query with Apostrophe (single quote)

  Hi all,
  I have noticed that when you enter a search string with an apostrophe (eg. Tito's Station) in a textbox on a form linked to a table and hit the Query button, it generates an sql error. I think this is cos u cannot have an apostrophe (single quote) in the search string in a "where" clause.
  I am using Portal version 3.0.6.6.5 on an 8.1.7 database.
  I have logged a tar (1744105.999) for this but it is said to be a bug (1759202). I wish to enquire whether any of you have had this problem with a later version or at which version leve this bug has been fixed.
  Does any1 know how to limit the text typed into a texbox, so that it wont accept certain characters (eg. the apostrophe key) ??
  Thanks

  Hi Rene'
  Thanks for your help! This will definitely help me alot! I am a little baffled with your code for delimiting the single quote. I tried it and it doesnt work.
  Thanks very much for the response
  Naseem
  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Rene' Castle ([email protected]):
  This is still an issue in 3.0.8.9.8. You can use a Javascript validation routine to disallow special characters.
  If you want to check to see that they only enter certain things you can do:
  var s = theElement.value;
  var filter=/^[a-zA-Z]{1,}$/;
  if (s.length == 0 ) return true;
  if (filter.test(s))
  return true;
  else
  alert(" Please input a valid character" );
  theElement.focus();
  theElement.select();
  return false;
  The above code would only allow one or more alphabetic characters. You could make it [a-zA-Z0-9] to allow alphanumeric characters. You could also allow anything but specific characters by doing the following:
  var s = theElement.value;
  var filter=/[^']*/;
  if (s.length == 0 ) return true;
  if (filter.test(s))
  alert(" Please input a string without a single quote (') in it" );
  theElement.focus();
  theElement.select();
  return false;
  else
  return true;
  Hope this gets you started.
  Rene'<HR></BLOCKQUOTE>
  null

• How do I search the content inside a single email?

  I'm new to the iPad with the recent purchase of my iPad 3. I enjoy using Apple's Mail app. And I know how to search the contents of "all emails. "But how do I search the text content of a particular email? I am talking about one single email here. Again, I know how to search ALL emails -- I'm not asking about that. How do I search the content of just one email?
  This is a logical question, but I'm surprised no one is asking it. Sometimes we receive long emails. And we want to search for a keyword within that given long email. So how do we do that on the iPad with Apple's Mail?
  Thank you.

  Sorry, but you don't as it's not a feature of the Mail app on iPad, iPhone or iPod Touch.
  I guess the reason you don't see lot's of inquiries on this is there's not demand for this particular feature, but feel free to leave feedback with Apple, via the following link:  http://www.apple.com/feedback/ipad.html

• String with embedded single quote

  Hi, all. We're trying to pass a string from one procedure to another, which will then do an EXECUTE IMMEDIATE on it. However, there are single quotes withing the string, and they're driving us nuts! This is what the concatenated string should look like when passed to the pw_execDDL procedure:
  insert into appimmunization.wsrprfs (inoc_id, proof, is_valid,proof_num) values ('MEAG', to_date('02-OCT-05','DD-MMM-YY'), 'Y',1);
  Here's the concatenation process that doesn't work, and there are functions being called within the string:
  chr_sql := 'insert into appimmunization.wsrprfs (inoc_id, proof, is_valid,proof_num) values (' || '''' || prm_inoc_id || '''' || ', ' || 'to_date(' || '''' || prm_proof1 || ''''||','||'''' ||'DD-MMM-YY'||''''||')' || ', ' || '''' || fw_is_proof_valid(prm_birth_date, prm_proof1) || '''' || ',1);';
  pw_execDDL(chr_sql); /* call the procedure to do the EXECUTE IMMEDIATE */
  Help! We've tried every combination -- using two single quotes together, three, and four, and still no luck. Thanks.

  insert into appimmunization.wsrprfs (inoc_id, proof,
  is_valid,proof_num) values ('MEAG',
  to_date('02-OCT-05','DD-MMM-YY'), 'Y',1);
  This statement can be made in a string with the following affectation:
  chr_sql := 'insert into appimmunization.wsrprfs (inoc_id, proof, is_valid,proof_num) values (''MEAG'', to_date(''02-OCT-05'',''DD-MMM-YY''), ''Y'',1)';
  Note please that each single quote in your original string must be specified using two single quotes and that is all. It is more readable and more easy to do it this way.
  Michel.

• How to search the location of the single quote using instr func in a string

  I have a string '345634','234'(all 4 single quotes are part of the string) and I want to find the location of the 3rd single quote using the instr function , could sum1 quickly please help me out.
  Regards
  Rahul
  Edited by: Rahul Kalra on Aug 26, 2010 8:58 AM

  Carlovski wrote:
  You really do learn something new every day!
  It really is quite ugly syntax though.Not really. You can use whatever character you want to indicate the start and end of the string, but if you use any of the brackets "[", "(" or "{" you should terminate using the opposing bracket "]", ")" or "}" respectively. It also looks a bit more ugly with data like that, but if you are entering regular text then it looks ok...
  e.g.
  SQL> select q'[This is my string with fred's quotes in it]' as mystring from dual;
  MYSTRING
  This is my string with fred's quotes in it
  SQL> select q'(This is my string with fred's quotes in it)' as mystring from dual;
  MYSTRING
  This is my string with fred's quotes in it
  SQL> select q'{This is my string with fred's quotes in it}' as mystring from dual;
  MYSTRING
  This is my string with fred's quotes in it
  SQL> select q'.This is my string with fred's quotes in it.' as mystring from dual;
  MYSTRING
  This is my string with fred's quotes in it
  SQL> select q'#This is my string with fred's quotes in it#' as mystring from dual;
  MYSTRING
  This is my string with fred's quotes in it
  SQL> select q'`This is my string with fred's quotes in it`' as mystring from dual;
  MYSTRING
  This is my string with fred's quotes in it
  SQL>Well... almost any character...
  SQL> select q'¼This is my string with fred's quotes in it¼' as mystring from dual;
  ERROR:
  ORA-01756: quoted string not properly terminated

• REGEXP_LIKE help with literal single-quote

  I'm trying to write a check constraint to validate email addresses that may include an apostrophe in the email address. Such as joe.o'[email protected] Here is my sample setup:
  create table emails
  ( email_address varchar2(150)
  insert into emails values('[email protected]') ;
  insert into emails values('[email protected]') ;
  insert into emails values('joey.o''[email protected]') ;
  commit;
  sql> select * from emails;
  EMAIL_ADDRESS
  [email protected]
  [email protected]
  joey.o'[email protected]
  alter table emails add constraint email_address_format_ck
      CHECK ( REGEXP_LIKE ( email_address, '^[a-z0-9._%-]\'?+@[a-z0-9._%-]+\.mil$','c'));
  ERROR at line 2:
  ORA-00911: invalid characterIt doesn't like *\'?*
  My understanding is this means one or more single-quotes. Anyone know the correct syntax to accept apostrophes?

  Hi,
  jimmyb wrote:
  ... insert into emails values('joey.o''[email protected]') ;
  That's the correct way (actually, that's one correct way) to include a single-quote in a string literal: use 2 single-quotes in a row.
  ... alter table emails add constraint email_address_format_ck
  CHECK ( REGEXP_LIKE ( email_address, '^[a-z0-9._%-]\'?+@[a-z0-9._%-]+\.mil$','c'));Here, the 2nd argument to REGEXP_LIKE is a string literal, just like 'joey.o''[email protected]' was a string literal.
  To include a single-quote in the middle of this string literal, do the same thing you did before: use 2 of them in a row:
  CHECK ( REGEXP_LIKE ( email_address, '^[a-z0-9._%''-]+@[a-z0-9._%-]+\.mil$','c'));There were a couple of other problems, too.
  I'm sure you meant for the apostrophe to be inside the square brackets. Inside square brackets, \ does not function as an escape character. (Actually, single-quote has no special meaning in regular expressions, so there's no need to escape it anyway.)
  I'm not sure what the '?' mark was doing; I left it out.
  Of course, you'll have trouble adding the CHECK constraint if any existing rows violate it.
  Edited by: Frank Kulash on Feb 10, 2012 6:52 PM

• Update with a Single Quote value

  how do i update a field containing a sigle quote in a record ?
  e.g :
  i have a table s_order_item_xa
  filed: attr_name
  old value: Noofndk
  new value: Noofn's
  how can i update above field value? i am using row_id in where condition to identify rows which i want to update.

  Hi,
  Is the question "How can I include a single-quote character in a string literal?", then the answer is to use 2 of them, like this:
  UPDATE  books
  SET     dewey_num = '291''.4'
  WHERE   dewey_num = '291.4'
  ;In Oracle 10 (and up) you can also use Q-notation. For example:
  UPDATE  books
  SET     dewey_num = Q'[291'.4]'
  WHERE   dewey_num = '291.4'
  ;Edited by: Frank Kulash on Sep 14, 2009 9:51 AM

• ITunes Match now stalls on step 1.  I have a PC with Windows Vista.  I've use Match for a long time

  iTunes Match now stalls on step 1.  I have a PC with Windows Vista.  I've used iTunes Match for a long time & it has worked well until last week.  Most of my songs now have a dotted outlined cloud beside them & I can't download to my phone.  6 new albums can't be seen at all.  I've turned off Match (with shift key down) & turned it back on - restricted my upload speed to 75% of max - I even uninstalled iTunes & re-installed it.  Any suggestions?

  iTunes Match is stalled in the same place again today.  Step 1 seems to have completed as the blue progress bar is complete.  The message says "Delivering your iTunes Match results..."  When I went to bed last night, this is where iTunes was stuck.  But this morning, Match had stopped trying to "deliver."  It obviously did not finish because 6 new albums do not show up on my iPhone 5 - all of the 3 steps on the Match page were grayed out this morning & the "Start" button was available.
  This is what I did yesterday - I looked at My Music and clicked "Songs."  I then added the "iCloud" column and sorted by that field.  I found about 100 files that had a problem of some sort (cloud with exclamation point inside).  Each of them had lost track of where the music file was - even though the music files were exactly where they should have been.  I re-linked (one at a time) all of the music files to the song titles.  In the cloud field one song was described as "ineligible for iTunes Match."  It had a could with a line drawn through it.   I didn't know what that meant, so I deleted the song.
  I then turned off iTunes Match holding the shift key down & iTunes began collecting information from my library.  This took several hours but it did seem to complete because it changed to the "delivering results" message.  However, this morning I noticed that all of the files I re-linked yesterday still had the "error cloud" symbol today - a cloud with an exclamation mark inside.  Yesterday these songs wouldn't play until I re-linked the files.  Today they will play as expected, but they still have the "error cloud.'  To add to my confusion albums marked with the "error file" are still able to be downloaded to my phone, but the songs with the "error cloud" will not play smoothly on my PC.  They stutter regularly throughout playback.  However, if I download one of those songs or albums to my phone, it plays perfectly.
  I hope this helps someone to explain what my problem is & the appropriate solution.  I have a little more than 12,000 songs in my library in case that makes a difference.  Should I just delete the files with he "error cloud"?  All of the songs appear to be still in the cloud because they are available for download to my phone.

• Report handling names with a single quote

  Report 10gR2
  I have created a report and most of the functionality that i want is working as expected.
  I have a report where i am letting user enter their first name on one field and last name on another field in the parameter screen ( thats how it's stored in the database)
  If they enter any name with an aphostrophe , say D'Costa ( either first name or last name)
  then i get the below error
  REP-50003: Bad parameter: pfaction=http://.........
  I am using like keyword as seen below in the afterparam trigger and passing the parameter :p_where_last_name to the main sql query
       :p_where_last_name := ' AND UPPER( :last_name) LIKE (' ||''''||'%'||UPPER(:last_name)||'%'||''''||')' ;
  Whats the best approach to handle this issue
  Also is there a way to capture this error
  ' REP-50003: Bad parameter: pfaction=http://.........
  ' and display a message, if so where and how, please advise.
  thanks.
  Edited by: Forms_Reports_Beginner on Aug 13, 2009 1:52 PM

  I am not using form , it's just done in report, that is i am not calling the report from a form , just from a menu.
  :last_name is a report_paramter that i created on the report.
  you're right the first assignmnt is
  AND UPPER( db column) LIKE
  I have a paramter form on the report with a field last name and I am letting the user enter last name there which gets stored in the :last_name
  Edited by: Forms_Reports_Beginner on Aug 14, 2009 7:29 AM
  Edited by: Forms_Reports_Beginner on Aug 14, 2009 7:32 AM
  Rodolfo,
  your solution works,
  :p_where_clause := ' AND UPPER( db_column ) LIKE (' ||''''||'%'||UPPER(Replace(:p_2,chr(39), chr(39)||chr(39)))||'%'||''''||')' ;
  but i dont quite understand how this is working
  Replace(:p_2,chr(39), chr(39)||chr(39))
  i have never used chr
  Edited by: Forms_Reports_Beginner on Aug 14, 2009 7:35 AM

• How do I replace one ' (Single Quote) with '' (Two single Quote)

  Hi,
  I have been surfing around the forum, coudn't find the similiar case.
  I have been trying but fail. Below is my code:
  activity = request.getParameter("activity");
  activity = activity.replace("\'", "\'\'");
  Error Occur:
  Incompatible type for method. Can't convert java.lang.String to char. activity = activity.replace("\'", "\'");
  I'm trying to use replaceAll(), but seem like the method is not existed, we are using Version Java 1.3
  Pls advise.
  Regards
  Ying

  For JDK 1.3 or ealier, use this:
    public static String replaceSubstrings(String str, String sub, String rep){
      int s, p, q;
      int slen = sub.length();
      StringBuffer sb = new StringBuffer();
      s = 0;
      p = str.indexOf(sub);
      q = p + slen;
      while (p != -1){
        sb.append(str.substring(s, p));
        sb.append(rep);
        s = q;
        p = str.indexOf(sub, s);
        if (p != -1){
          q = p + slen;
      sb.append(str.substring(s));
      return sb.toString();
  activity = replaceSubstrings(activity, "'", "''");

• Replace single quote with two single quotes

  Hi all,
  I have a value = ABCD'S(>@!23. i want to replace the value as ABCD''S(>@!23.
  Thanks in advance

  What is your database version ? Q operator works from 10G onwards.
  SQL*Plus: Release 10.2.0.1.0 - Production on Tue Nov 23 14:35:38 2010
  Copyright (c) 1982, 2005, Oracle.  All rights reserved.
  SQL> conn hr
  Enter password:
  Connected.
  SQL>  CREATE TABLE test_Q_operator(str VARCHAR2(30));
  Table created.
  SQL> INSERT INTO test_Q_operator VALUES('ABCD''S(>@!23');
  1 row created.
  SQL> INSERT INTO test_Q_operator VALUES('Saubhik''s test row');
  1 row created.
  SQL> commit;
  Commit complete.
  SQL> SELECT str,REPLACE(str,Q'[']',Q'['']') col2
    2  FROM test_Q_operator;
  STR
  COL2
  ABCD'S(>@!23
  ABCD''S(>@!23
  Saubhik's test row
  Saubhik''s test row
  SQL>Also check you SQL*PLUS client version.