Place single quote around string

Hi,
I am wondering how I can Place single quote around string in the following. I have tried double and triple quote but it doesn't take variable name from rec.tablename.
any idea
rec.table_name ==> 'rec.table_name'
rec.column_name ==> 'rec.column_name'
v_sql:= 'DELETE USER_SDO_GEOM_METADATA WHERE TABLE_NAME= ' || rec.table_name ;
execute immediate v_sql;
-- Insert Table Record in Sdo_User_Geom_Metadata
v_sql:= 'INSERT INTO USER_SDO_GEOM_METADATA(TABLE_NAME, COLUMN_NAME, DIMINFO, SRID) ' ||
'VALUES (' || rec.table_name || ',' || rec.column_name || ', MDSYS.SDO_DIM_ARRAY( ' ||
'MDSYS.SDO_DIM_ELEMENT(''X'',-2147483648, 2147483647, .000005), ' ||
'MDSYS.SDO_DIM_ELEMENT(''Y'',-2147483648, 2147483647, .000005)), 2958)' ;
execute immediate v_sql;
Nancy

I have 2 suggestions, 2nd one being the better choice.
SQL> set serveroutput on
SQL>
SQL> declare
2    v_sql varchar2(4000);
3    table_name varchar2(4000);
4 begin
5    table_name := 'MY_TABLE';
6    v_sql:= 'DELETE USER_SDO_GEOM_METADATA WHERE TABLE_NAME= ''' || table_name || '''';
7    dbms_output.put_line(v_sql);
8 end;
9 /
DELETE USER_SDO_GEOM_METADATA WHERE TABLE_NAME= 'MY_TABLE'
PL/SQL procedure successfully completed
SQL> or using DBMS_ASSERT for a more elegant solution against SQL injection:
Connected to Oracle Database 10g Enterprise Edition Release 10.2.0.4.0
Connected as fsitja
SQL> set serveroutput on
SQL>
SQL> declare
2    v_sql varchar2(4000);
3    table_name varchar2(4000);
4 begin
5    table_name := dbms_assert.QUALIFIED_SQL_NAME('ALL_TABLES');
6    v_sql:= 'DELETE USER_SDO_GEOM_METADATA WHERE TABLE_NAME= ' || dbms_assert.ENQUOTE_NAME(table_name);
7    dbms_output.put_line(v_sql);
8 end;
9 /
DELETE USER_SDO_GEOM_METADATA WHERE TABLE_NAME= "ALL_TABLES"
PL/SQL procedure successfully completed
SQL> [Docs referencing validation checks against SQL injection|http://download.oracle.com/docs/cd/E11882_01/appdev.112/e10472/dynamic.htm#LNPLS648]
Regards,
Francisco

Similar Messages

SQL: Need help putting single quote around string

I want to put single quotes around string in my output.
I am running the following command as a test:
select ' ' hello ' ' from dual;
My expectation is to get 'hello' (Single quote around hello)
However I am getting the following error:
ERROR at line 1:
ORA-00923: FROM keyword not found where expected
When I do SHOW ALL at my SQL command prompt, the escape is set as follows:
escape "\" (hex 5c)
I even tried: select '\'hello\'' from dual;
I get back: select ''hello'' from dual
ERROR at line 1:
ORA-00923: FROM keyword not found where expected

Hi,
user521525 wrote:
I want to put single quotes around string in my output.
I am running the following command as a test:
select ' ' hello ' ' from dual;
My expectation is to get 'hello' (Single quote around hello)You probably read that you can get a single-quote within a string literal by using two of them in a row.
That's true, but they really have to be in a row (no spaces in between), and you still need the single-quotes at the beiginning and end of the literal.
So what you want is
SELECT '''hello'''
FROM dual;Starting in Oracle 10, you can also use Q-notation, For example:
SELECT Q'['hello']'
FROM dual;

(JDBC)how to diffrenciate a single quote in string ? eg : 'Micheal's Store'

Hi all,
I wanted to difrrenciate a single quote in string. Is there any way to do so ?
I'm using Java.
Thanks

If you're using Java, I assume you're using straight JDBC rather than one of the many APIs layered on top of JDBC.
You should be using PreparedStatement objects with bind variables and you should be passing in string values by making appropriate setString() calls. When you're using bind variables, rather than building up SQL strings in your app, you won't have any issues with escaping quotes. You also won't have to worry about defending against SQL injection attacks and your application will perform much better since you won't be re-parsing the same statement over and over and won't be flooding your library cache with thousands of mostly identical statements.
Justin
I intended to say that you won't be flooding your shared pool with thousands of mostly identical statements, not the library cache.
Message was edited by:
Justin Cave

Single quotes around a variable

Hi,
I have values that are being passed into a variable with single quotes around.
for eg: 'test'. So the value in variable v_empname will hold the value 'test'
But then below sql statement returns null:
select empid
into v_empid
from emp where empname = v_empname
When I checked the value of the variable it's 'test' and compared as '''test'''.
How can I get around this?
Thanks for the help.
SK.

Doh!
SQL> create or replace procedure get_empno (i_name in varchar2)
2 as
3    v_empno number;
4 begin
5    select empno into v_empno
6    from emp
7    where ename = i_name;
8    dbms_output.put_line('empno is '||v_empno);
9 exception
10    when no_data_found then
11      dbms_output.put_line('No such person, or did you mean '||upper(i_name)||'?');
12 end;
13 /
Procedure created.
SQL>
SQL> set serveroutput on
SQL> exec get_empno('king');
No such person, or did you mean KING?
PL/SQL procedure successfully completed.
SQL> exec get_empno('KING');
empno is 7839
PL/SQL procedure successfully completed.

How to put single quotes around selected data

Is there a way to return selected column value with single quotes around it?
Example I have a table:
select name from test_table;
returns: George Clooney
I want it to return 'George Clooney'
I tried: select '''||name||''' from test_table;
returns: '||name||'

...or
SCOTT@demo102> select chr(39)||ename||chr(39) from emp;
CHR(39)||ENA
'SMITH'
'ALLEN'
'WARD'
'JONES'
'MARTIN'
'BLAKE'
'CLARK'
'SCOTT'
'KING'
'TURNER'
'ADAMS'Nicolas.

Adding SIngle quotes around a Colmn Name stored in a DB Field

I know the SQL I need to execute ( It yeilds 500 rows )
select p.DS_ID
from dbo.v_ds p
inner join dbo.Rpt r
on p.DS_ID = r.PKVal
and r.ColumnNm = 'DS_ID'
BUT the value of r.Column in stored in a table and building it using dynamic SQL , the closest i get is
select p.DS_ID
from dbo.v_ds p
inner join dbo.Rpt r
on p.DS_ID = r.PKVal
and r.ColumnNm = DS_ID
Note that ther single quotes needed are missing and so I get NO rows. I've tried using the ''' + @field + ''' and cannor get it to work.
Any ideas?

Not sure of your try. May be you would have missed the single quote before and after as you said your closest ry result looks like below:
and r.ColumnNm = DS_ID --Without single quotes.

Problem with single quote around ANYINTERACT

CREATE TABLE JUNK
as SELECT s.survey_id,s.shape,s.original_depth
FROM bathyuser.sounding s,m_covr r
WHERE SDO_GEOM.RELATE (s.shape, 'ANYINTERACT', R.geom, 0.5) = 'TRUE'
AND R.DSNM=CNT.DSNM
and
s.SURVEY_ID in
(SELECT unique s.survey_id FROM header s, m_covr r
WHERE SDO_GEOM.RELATE (s.shape, 'ANYINTERACT', r.geom, 0.5) = 'TRUE'
AND DSNM=CNT.DSNM)';
This above SQL works fine in SQL prompt. But when I put it together in PL/SQL it gives me this error :
WHERE SDO_GEOM.RELATE (s.shape, 'ANYINTERACT', R.geom, 0.5) = 'TRUE'
ERROR at line 17:
ORA-06550: line 17, column 39:
PLS-00103: Encountered the symbol "ANYINTERACT" when expecting one of the
following:
* & = - + ; < / > at in is mod remainder not rem
<an exponent (**)> <> or != or ~= >= <= <> and or like LIKE2_
LIKE4_ LIKEC_ between || multiset member SUBMULTISET_
Could someone help me fix this error. I know I have to try it with "EXECUTE IMMEDIATE" command, but I'm having problem with "||" (concatinate).
Thanks so much
Cuong

This is how you go about debugging execute immediate statements. I am assuming that you fixed the first problem as marias suggested and cam up with something like this. Note, I changed the table in your surso to dual since I do not have your tables, but the effect is the same. I changed the EXECUTE IMMEDIATE to DBMS_OUTPUT.Put_Line so you can actually see what you are trying to execute. I also added some carriage returns to make the formatting a littel easier to see. This is what I got:
SQL> DECLARE
2 statement varchar2(1000);
3 CURSOR C_DSNM5 IS
4 SELECT dummy dsnm FROM dual;
5 BEGIN
6 FOR CNT IN C_DSNM5 LOOP
7 STATEMENT := 'CREATE TABLE JUNK'||
8 ' AS SELECT s.survey_id,s.shape,s.original_depth'||CHR(10)||
9 ' FROM bathyuser.sounding s,m_covr r '||CHR(10)||
10 'WHERE SDO_GEOM.RELATE (s.shape, '||
11 '''ANYINTERACT'''||
12 ', R.geom, 0.5) = '||'''TRUE'''||CHR(10)||
13 ' AND R.DSNM = CNT.DSNM '||CHR(10)||
14 ' AND s.SURVEY_ID IN '||
15 ' (SELECT UNIQUE s.survey_id FROM HEADER s, m_covr r'||CHR(10)||
16 ' WHERE SDO_GEOM.RELATE (s.shape, '||
17 '''ANYINTERACT'''||
18 ', r.geom, 0.5) = '||
19 '''TRUE'''||CHR(10)||
20 ' AND R.DSNM = '||CNT.DSNM||' )';
21 DBMS_OUTPUT.Put_Line (statement);
22 END LOOP;
23 END;
24 /
CREATE TABLE JUNK AS SELECT s.survey_id,s.shape,s.original_depth
FROM bathyuser.sounding s,m_covr r
WHERE SDO_GEOM.RELATE (s.shape, 'ANYINTERACT', R.geom, 0.5) = 'TRUE'
AND R.DSNM = CNT.DSNM
AND s.SURVEY_ID IN (SELECT UNIQUE s.survey_id FROM HEADER s, m_covr r
WHERE SDO_GEOM.RELATE (s.shape, 'ANYINTERACT', r.geom, 0.5) = 'TRUE'
AND R.DSNM = X )
PL/SQL procedure successfully completed.You have at least two issues with this CREATE TABLE statement. The last line needs to have the X (which came from dual) quoted since it is a string. You also still have a reference to CNT.DSNM, unless you fixed both occurences.
Another major problem is that if your cursor will return more than one row, and by the structure of this I assume that it might, the on the second record you are going to get:
ORA-00955: name is already used by an existing object.
Although I see no reason why you need dynamic sql here, you really need to use bind variables whereever possible (everywhere you use a variable except ofr names of database objects. So, your procedure should look more like:
DECLARE
 statement varchar2(1000);
 CURSOR C_DSNM5 IS
 SELECT distinct DSNM from M_COVR where dsnm like 'US5%';
BEGIN
 FOR CNT IN C_DSNM5 LOOP
 STATEMENT := 'CREATE TABLE JUNK'||
 ' AS SELECT s.survey_id,s.shape,s.original_depth'||
 ' FROM bathyuser.sounding s,m_covr r '||
 'WHERE SDO_GEOM.RELATE (s.shape, '||
 '''ANYINTERACT'''||
 ', R.geom, 0.5) = '||'''TRUE'''||
 ' AND R.DSNM = :b1 '||
 ' AND s.SURVEY_ID IN '||
 ' (SELECT UNIQUE s.survey_id FROM HEADER s, m_covr r'||
 ' WHERE SDO_GEOM.RELATE (s.shape, '||
 '''ANYINTERACT'''||
 ', r.geom, 0.5) = '||
 '''TRUE'''||
 ' AND R.DSNM = :b2 )';
 EXECUTE IMMEDIATE statement USING cnt.dsnm, cnt.dsnm
 END LOOP;
END;But it is still very wrong.
Perhaps if you can explain in words what you are trying to accomplish someone can provide a much better response.
John

Put single quote around input data

Hi all,
DB:10G
Have an input field (P10_item) with text value . Sometimes it can be multiple text values separated by , like T-123,T-870 . sometimes it only has 1 text value.
How do I construct a query that can take the item and convert the input value to the following example ? By using length function I can find out how many check no in the field but am lost in how to put the ' around each check no. Help
ex:
select * from payment where checkno in ('T-123','T-870')
thanks

with t as
(select 'T-123,T-870' txt from dual )
select replace(regexp_replace(txt,'(.+)','''\1'''),',',''',''')from t;
'T-123','T-870'sorry I did not understand what you wanted at first.
this shoud break p_10_item into multiple entries if it has commas in it and
then you can join it to the payment table.
WITH t AS (SELECT 'T-123,T-870' p_10_item FROM DUAL),
 t2
 AS ( SELECT REGEXP_SUBSTR (p_10_item,
 '[^\,]+',
 1,
 LEVEL)
 checkno
 FROM t
 CONNECT BY LEVEL <=
 LENGTH (p_10_item)
 - LENGTH (REPLACE (p_10_item, ','))
 + 1)
SELECT payment.*
FROM payment, t2
WHERE t2.checkno = payment.checknoEdited by: pollywog on May 18, 2011 1:14 PM

Any way to generate a single quote (') with XSLT?

Hi:
I guess this is really an XSLT question. I'm using the Transform() method of an XMLType variable to apply a style sheet. The XML in the variable is just something simple like
<TBL>
<LAST_NAME>LIKE|JONES</LAST_NAME>
<FIRST_NAME>=|MARY</FIRST_NAME>
<AGE>=|50</AGE>
</TBL>
I am trying to get a stylesheet to transform something like the above into SQL such as
Select * from foo where LAST_NAME like 'JONES'
and FIRST_NAME ='MARY'
and AGE = 50But to do this, I need to generate the single quotes around the search terms and I can't get anything but LAST_NAME LIKE 'JONES'. Is there a way to do this? For now I am generating a ~ and replacing ~ for ' throughout the generated SQL text but that's a pretty sorry solution.
I thought that something like <xsl:text disable-output-escaping="yes">&</xsl:text> was going to work but then found out it has been deprecated. I was thinking character-map might work but that's an XSLT 2.0 thing and apparently 10g is on XSLT 1.0? In any case, it had no idea what I was trying to do with a character map.
So, am I overlooking an obvious way to get my stylesheet to insert apostrophes?
Thanks.

It's 10.2.0.4.
Here's the procedure that accepts the XML/XSL clobs and tries to produce a SQL statement.
PROCEDURE GetSQLQueryFromXML(XMLClob in CLOB, XSLStylesheet in CLOB,
 SQLQuery out CLOB, status out integer) IS
 -- Define the local variables
xmldata XMLType; -- The XMLType format of the XML to transform
xsldata XMLType; -- The XMLType format of the stylesheet to apply
sqlQuery_XMLType XMLType; -- The XMLType format of the SQL query.
v_SQLQuery Clob; -- Holds XML Clob before translating ~ to '
BEGIN
status := -1; -- Initially unsuccessful
-- Get the XML document using the getXML() function defined in the database.
-- Since XMLType.transform() method takes XML data as XMLType instance,
-- use the XMLType.createXML method to convert the XML content received
-- as CLOB into an XMLType instance.
xmldata := XMLType.createXML(XMLClob);
-- Get the XSL Stylesheet using the getXSL() function defined in the database.
-- Since XMLType.transform() method takes an XSL stylesheet as XMLType instance,
-- use the XMLType.createXML method to convert the XSL content received as CLOB
-- into an XMLType instance.
xsldata := XMLType.createXML(XSLStylesheet);
-- Use the XMLtype.transform() function to get the transformed XML instance.
-- This function applies the stylesheet to the XML document and returns a transformed
-- XML instance.
sqlQuery_XMLType := xmldata.transform(xsldata);
-- Return the transformed XML instance as a CLOB value.
v_SQLQuery := sqlQuery_XMLType.getClobVal();
-- Change tildas to apostrophes. Currently unable to get an XSLT transformation
-- to insert single quotes, so we're inserting ~ instead. Now we need to
-- translate all ~s to 's in our query.
SQLQuery := translate(to_char(v_SQLQuery),'~','''');
status := 1; -- Everything went fine to get here
EXCEPTION
WHEN OTHERS THEN
 raise_application_error
 (-20102, 'Exception occurred in GetSQLQueryFromXML :'||SQLERRM);
END GetSQLQueryFromXML;The XML it works off of is
 someXML CLOB :=
 to_clob('<?xml version="1.0" encoding="windows-1252" ?>
<variable table_name="SOME_PERSON_TABLE" query_type="PERSON">
<item>
 <fieldName><![CDATA[PERSON_KEY]]></fieldName>
 <criteria><![CDATA[=]]></criteria>
 <fieldType><![CDATA[Integer]]></fieldType>
 <value><![CDATA[123456789]]></value>
</item>
<item>
 <fieldName><![CDATA[LAST_NAME]]></fieldName>
 <criteria><![CDATA[=]]></criteria>
 <fieldType><![CDATA[String]]></fieldType>
 <value><![CDATA[DOE]]></value>
</item>
<item>
 <fieldName><![CDATA[FIRST_NAME]]></fieldName>
 <criteria><![CDATA[=]]></criteria>
 <fieldType><![CDATA[String]]></fieldType>
 <value><![CDATA[JOHN]]></value>
</item>
<item>
 <fieldName><![CDATA[MIDDLE_NAME]]></fieldName>
 <criteria><![CDATA[-]]></criteria>
 <fieldType><![CDATA[String]]></fieldType>
 <value />
</item>
<item>
 <fieldName><![CDATA[SUFFIX]]></fieldName>
 <criteria><![CDATA[-]]></criteria>
 <fieldType><![CDATA[String]]></fieldType>
 <value />
</item>
</variable>');And the corresponding XSLT that should translate it is:
myStylesheet CLOB :=
to_clob('<?xml version="1.0" encoding="ISO-8859-1"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">


<xsl:output method="text" omit-xml-declaration="yes" indent="no"/>


<xsl:variable name="apos">~</xsl:variable>
<xsl:template match="/">
 select * from
 <xsl:value-of select="variable/@table_name"/>
 where 1=1
 <xsl:for-each select="variable/child::node()">
 <xsl:choose>
 
 <xsl:when test="./value/text()[normalize-space(.)]">
 
 AND <xsl:value-of select="./fieldName"/>
 <xsl:text> </xsl:text>
 <xsl:value-of select="./criteria"/>
 <xsl:text> </xsl:text>
 <xsl:choose>
 <xsl:when test="string(./fieldType)=''String''">
 <xsl:copy-of select="$apos" />
 <xsl:value-of select="./value"/>
 <xsl:copy-of select="$apos" />
 </xsl:when>
 <xsl:when test="string(./fieldType)=''Clob''">
 <xsl:copy-of select="$apos" />
 <xsl:value-of select="./value"/>
 <xsl:copy-of select="$apos" />
 </xsl:when>
 <xsl:otherwise>
 <xsl:value-of select="./value"/>
 </xsl:otherwise>
 </xsl:choose>
 </xsl:when>
 </xsl:choose>
 </xsl:for-each>
</xsl:template>
</xsl:stylesheet>');Basically if the VALUE element has a value then the fieldType is checked. If fieldType is String or Clob then we'll need the apostrophes. For now I'm putting in tildas and changing them later.

Single Quotes Issue??

Hi,
Bit of a strange one - hopefully there is a really simple answer that I will kick myself over….!
I have a query which references a partioned table. When the following condition is added, the query references the intended partion - evident by looking at the explain plan:
and e.dac_end_date >= '20080401'
(VARCHAR2 (8 Byte))
However, I want to automate my script. When I use a variant of the Sysdate function (detailed below) and execute the query, the explain plan indicates that Oracle is doing a full table scan….. Not good!!
e.dac_end_date >= to_char(add_months(sysdate,-1),'YYYYMM')||'01'
I'm guessing this may have something to do with single quotes… I have done a forum trawl, and tried some of the suggestions (char(39)||, three quotes surrounding the 'YYYYMM', concatenating single quotes around the format mask etc) - but I either get an error message, or the query just bombs out after a few seconds.
Anyone have any ideas or suggestions??
Any help greatly appreciated….
Cheers in advance.

Firstly - thanks for the replies.
Just to confirm - the table I'm referring too is ranged partioned on a varchar2 column that contains a date-as-a-string. I didn’t build the tables - I'm not a developer. I'm just trying to automate a query that I have written which on the surface appears to do a full table scan when I use the Sysdate function (instead of a hard coded date).
'Bomb out' - bad grammar, apologies. What I meant was the query appears to complete within a few seconds, however does not return any data.
peticH - I was using 'Session Browser' within Toad to monitor the query (running in another session) - I didn’t realise that even in this instance Explain Plan provides expected rather than actual behaviour. I'll do some reading up on the 'Trace' functionality, to try and see what is actually happening.
Cheers guys.

XLIFF escaping (single quote)

i have a resource string that looks like,
<trans-unit id="...">
<source>'{0}'</source>
<target/>
</trans-unit>
notice the single quotes around the token. when i do this, the token won't get replaced by MessageFormat.format(). i tried escaping the single quotes like \'{0}\' which had no effect.
thanks.

answering my own question ... this has nothing to do w/ XLIFF. looking at the MessageFormat javadocs, there are some rather confusing details about how single quotes are used to escape. it turns out that a double single quote gets a single quote in the output,
''{0}''

Single quote in dynamic query

Hi all;
Can u please help me on the following dynamic query code ? I know I am missing the single quote around 2 dates but could not figure out where to put it ! I have tried putting 2 or 3 quotes around 2 bind vars but to no avail.
Want to create a dynamic query to simulate the the following:
select
EMPNO,ENAME,JOB,MGR,HIREDATE from emp where HIREDATE >= to_date('01/01/1981','MM/DD/YYYY') and HIREDATE <= to_date('12/31/1982','MM/DD/YYYY');
dynamic code:
declare
v_q varchar2(4000);
begin
v_q :='select EMPNO,ENAME,JOB,MGR,HIREDATE from emp ';
V_q := V_Q
|| 'where HIREDATE >= '
|| 'to_date(' || :P_DATE1 || ',' ||'''MM/DD/YYYY''' || ' )'
|| 'and HIREDATE <= '
|| 'to_date(' || :P_DATE2 || ',' ||'''MM/DD/YYYY''' || ' )';
-- end the sql
v_q := v_q ||';';
dbms_output.put_line ('V_Q is ' || V_Q);
end;
Thanks.
Zen

declare
 v_q varchar2(4000);
 v_rec emp%rowtype;
 v_cur sys_refcursor;
begin
 v_q :='select EMPNO,ENAME,JOB,MGR,HIREDATE from emp ';
 V_q := V_Q || 'where HIREDATE >= to_date(:P_DATE1,''MM/DD/YYYY'') and HIREDATE <= to_date(:P_DATE2,''MM/DD/YYYY'')';
 dbms_output.put_line ('V_Q is ' || V_Q);
 open v_cur
 for v_q
 using '01/01/1981',
 '12/31/1982';
 loop
 fetch v_cur
 into v_rec.empno,
 v_rec.ename,
 v_rec.job,
 v_rec.mgr,
 v_rec.hiredate;
 exit when v_cur%notfound;
 dbms_output.put_line('empno = ' || v_rec.empno);
 dbms_output.put_line('ename = ' || v_rec.ename);
 dbms_output.put_line('job = ' || v_rec.job);
 dbms_output.put_line('mgr = ' || v_rec.mgr);
 dbms_output.put_line('hiredate = ' || to_char(v_rec.hiredate,'MM/DD/YYYY'));
 dbms_output.put_line('====================');
 end loop;
 close v_cur;
end;
V_Q is select EMPNO,ENAME,JOB,MGR,HIREDATE from emp where HIREDATE >=
to_date(:P_DATE1,'MM/DD/YYYY') and HIREDATE <= to_date(:P_DATE2,'MM/DD/YYYY')
empno = 7499
ename = ALLEN
job = SALESMAN
mgr = 7698
hiredate = 02/20/1981
====================
empno = 7521
ename = WARD
job = SALESMAN
mgr = 7698
hiredate = 02/22/1981
====================
empno = 7566
ename = JONES
job = MANAGER
mgr = 7839
hiredate = 04/02/1981
====================
empno = 7654
ename = MARTIN
job = SALESMAN
mgr = 7698
hiredate = 09/28/1981
====================
empno = 7698
ename = BLAKE
job = MANAGER
mgr = 7839
hiredate = 05/01/1981
====================
empno = 7782
ename = CLARK
job = MANAGER
mgr = 7839
hiredate = 06/09/1981
====================
empno = 7839
ename = KING
job = PRESIDENT
mgr =
hiredate = 11/17/1981
====================
empno = 7844
ename = TURNER
job = SALESMAN
mgr = 7698
hiredate = 09/08/1981
====================
empno = 7900
ename = JAMES
job = CLERK
mgr = 7698
hiredate = 12/03/1981
====================
empno = 7902
ename = FORD
job = ANALYST
mgr = 7566
hiredate = 12/03/1981
====================
empno = 7934
ename = MILLER
job = CLERK
mgr = 7782
hiredate = 01/23/1982
====================
PL/SQL procedure successfully completed.
SQL> SY.

SSRS Report Returning Double Quote string from a Single Quote String

Hi, I'm getting weird thing in resultset from SSRS report when executed. When I pass parameter to a report, which passes String that has single quote value to a split function , it returns rows with double quote.
For example following string:
'N gage, Wash 'n Curl,Murray's, Don't-B-Bald
Returns:
''N gage, Wash ''n Curl,Murray''s, Don''t-B-Bald
through SSRS report.
Here is the split function Im using in a report.
CREATE Function [dbo].[fnSplit] (
@List varchar(8000),
@Delimiter char(1)
Returns @Temp1 Table (
ItemId int Identity(1, 1) NOT NULL PRIMARY KEY ,
Item varchar(8000) NULL
As
Begin
Declare @item varchar(4000),
@iPos int
Set @Delimiter = ISNULL(@Delimiter, ';' )
Set @List = RTrim(LTrim(@List))
-- check for final delimiter
If Right( @List, 1 ) <> @Delimiter -- append final delimiter
Select @List = @List + @Delimiter -- get position of first element
Select @iPos = Charindex( @Delimiter, @List, 1 )
While @iPos > 0
Begin
-- get item
Select @item = LTrim( RTrim( Substring( @List, 1, @iPos -1 ) ) )
If @@ERROR <> 0 Break -- remove item form list
Select @List = Substring( @List, @iPos + 1, Len(@List) - @iPos + 1 )
If @@ERROR <> 0 Break -- insert item
Insert @Temp1 Values( @item ) If @@ERROR <> 0 Break
-- get position pf next item
Select @iPos = Charindex( @Delimiter, @List, 1 )
If @@ERROR <> 0 Break
End
Return
End
FYI: I'm getting @List value from a table and passing it as a string to split function.
Any help would be appreciated!
ZK

Another user from TSQL forum posted this code which is returning the same resultset but when I execute both codes in SQL server it works and return single quote as expected.
https://social.msdn.microsoft.com/Forums/sqlserver/en-US/8d5c96f5-c498-4f43-b2fb-284b0e83b205/passing-string-which-has-single-quote-rowvalue-to-a-function-returns-double-quoate?forum=transactsql
CREATE FUNCTION dbo.splitter(@string VARCHAR(MAX), @delim CHAR(1))
RETURNS @result TABLE (id INT IDENTITY, value VARCHAR(MAX))
AS
BEGIN
WHILE CHARINDEX(@delim,@string) > 0
BEGIN
INSERT INTO @result (value) VALUES (LEFT(@string,CHARINDEX(@delim,@string)-1))
SET @string = RIGHT(@string,LEN(@string)-CHARINDEX(@delim,@string))
END
INSERT INTO @result (value) VALUES (@string)
RETURN
END
GO
ZK

String with embedded single quote

Hi, all. We're trying to pass a string from one procedure to another, which will then do an EXECUTE IMMEDIATE on it. However, there are single quotes withing the string, and they're driving us nuts! This is what the concatenated string should look like when passed to the pw_execDDL procedure:
insert into appimmunization.wsrprfs (inoc_id, proof, is_valid,proof_num) values ('MEAG', to_date('02-OCT-05','DD-MMM-YY'), 'Y',1);
Here's the concatenation process that doesn't work, and there are functions being called within the string:
chr_sql := 'insert into appimmunization.wsrprfs (inoc_id, proof, is_valid,proof_num) values (' || '''' || prm_inoc_id || '''' || ', ' || 'to_date(' || '''' || prm_proof1 || ''''||','||'''' ||'DD-MMM-YY'||''''||')' || ', ' || '''' || fw_is_proof_valid(prm_birth_date, prm_proof1) || '''' || ',1);';
pw_execDDL(chr_sql); /* call the procedure to do the EXECUTE IMMEDIATE */
Help! We've tried every combination -- using two single quotes together, three, and four, and still no luck. Thanks.

insert into appimmunization.wsrprfs (inoc_id, proof,
is_valid,proof_num) values ('MEAG',
to_date('02-OCT-05','DD-MMM-YY'), 'Y',1);
This statement can be made in a string with the following affectation:
chr_sql := 'insert into appimmunization.wsrprfs (inoc_id, proof, is_valid,proof_num) values (''MEAG'', to_date(''02-OCT-05'',''DD-MMM-YY''), ''Y'',1)';
Note please that each single quote in your original string must be specified using two single quotes and that is all. It is more readable and more easy to do it this way.
Michel.

How to use a single quote string in where condition

Hi,
I have one problem in building a query.
SELECT agx_drug_indication.record_id, agx_drug_indication.fk_ad_rec_id,
agx_drug_indication.drugindicationmeddraver, agx_drug.record_id,
agx_drug.fk_apat_rec_id,
REPLACE (agx_drug.medicinalproduct, '''', '''') AS "MEDICINALPRODUCT",
pack_imp_objects.fn_get_arisg_code
(147,
agx_drug_indication.drugindicationmeddraver
) AS "DRUGINDICATIONMEDDRAVER",
agx_drug.drugindication,
NVL (agx_drug.drugcharacterization, 1) AS "DRUGCHARACTERIZATION",
agx_safety_report.record_id, agx_safety_report.case_identifier_no,
agx_safety_report.fk_apat_rec_id,
pack_imp_objects.fn_meddra_llt_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver,
1
) AS "LLT_CODE",
pack_imp_objects.fn_meddra_soccode_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver
) AS "PRIMARY_SOC_CODE",
pack_imp_objects.fn_meddra_soccode_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver
) AS "CASE_SOC_CODE",
pack_imp_objects.fn_meddra_pt_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver
) AS "PT_CODE",
pack_imp_objects.fn_get_aer_id (11) AS "AER_ID"
FROM agx_drug_indication,
agx_drug,
agx_safety_report
WHERE agx_drug_indication.fk_ad_rec_id = agx_drug.record_id
AND agx_drug.fk_apat_rec_id = agx_safety_report.fk_apat_rec_id
AND agx_safety_report.case_identifier_no IS NOT NULL
AND agx_drug_indication.drugindication IS NOT NULL
AND agx_drug.medicinalproduct =
REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
In the above query last line '-qVAGX_DRUG.MEDICINALPRODUCT' is a dynamic variable which may or may not contain the single quotes.
Ex: ABC's or just ABC.
The query has to support both single quote and without quote in it.
I wanted everything to be done in the sinlq query on not a PL/SQL Block.
Please help me ASAP

kumar0828 wrote:
 ... 
REPLACE (agx_drug.medicinalproduct, '''', '''') AS "MEDICINALPRODUCT",
 ... <pre>
REPLACE (agx_drug.medicinalproduct, '''', '''')
</pre>
With the above statement you are replacing single quote with another single quote
(which is nonsense).
 ... 
AND agx_drug.medicinalproduct = REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
In the above query last line '-qVAGX_DRUG.MEDICINALPRODUCT' is a dynamic variable which may or may not contain the single quotes.This is not a dynamic variable but a string value:
<pre>
AND agx_drug.medicinalproduct =
REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
</pre>
*-qVAGX_DRUG.MEDICINALPRODUCT* <pre>
AND agx_drug.medicinalproduct =
REPLACE (q'*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
</pre>
-qVAGX_DRUG.MEDICINALPRODUCT q'[a]' => a
q'[a']' => a'
q'[a'']' => a''
q'*a*' => a
q'*a'*' => a'
q'*a''*' => a''
A variable also cannot contain a dot (.):
<pre>VAGX_DRUG.MEDICINALPRODUCT</pre>
Ex: ABC's or just ABC.
The query has to support both single quote and without quote in it.
I wanted everything to be done in the sinlq query on not a PL/SQL Block.
Please help me ASAPTry this:
<pre>
AND agx_drug.medicinalproduct = MY_VARIABLE
</pre>

Place single quote around string

Similar Messages

Maybe you are looking for