Putting an Apostrophe in an SQL Parameter
Anyone know how to escape an apostrophe for passing to an XSQL page?
I'm making an online directory. I get a list of names from the table, and then the user can click on a name to get more information. I'm having a real problem with names that contain aprostophies (ex: O'Donald)
If I simply call my XSQL page with the name as normal, it gives me an SQL error because there is a single apostrophe in my query. I've attempted to escape the apostrophe in my XSL file, but it gives me a Literal Mismatch error when I try to look for it using '
Here is the code I'm trying:
<xsl:template match="name">
<a><xsl:attribute name="href">search.xsql?name=<xsl:value-of select="substring-before(../name,''')" />''<xsl:value-of select="substring-after(../name,''')" /></xsl:attribute><xsl:value-of select="." /></a>
I've also tried making a variable that contains a '. Doing that, I don't get an error, but the substring-before return nothing... Thanks for any help you can offer!
1/ Would you try to put the aprostophies there without escaping ?
2/ Use XSLT extension
Similar Messages
-
Sql parameter substitution problems
Hi,
I am having problems with the sql parameter substitution. I have a query that
looks like this:
select name,value from table where name in ('name1','name2');
I have tried building a string that equals "'name1','name2'" and passing it as
a parameter to sql entering the javaDoc comments like:
select name,value from table where name in ({nameString})
The problem is that when it is substituted and set to the database it looks like
this:
select name,value from table where name in ('\'name1\',\'name2\'');
This will not work. Does anyone have any suggestions on how to do this using a
database control. Basically I'm looking for the ability to create dynamic sql
statements.
Thanks for your help.
Regards,
JamesAnurag,
Thanks for the reply. I don't think that this solves my problem though. I will
never know how many strings to pass. It's all based on what the user wants, they
could ask for 2, 20, or any other number of names. It sounds like using a Database
control is not really possible for this situation. What do you think? Any chance
of this making into workshop in the future or in these situations is creating
an EJB the only way to go?
Thanks again.
Regards,
James Chamberlain
"Anurag Pareek" <[email protected]> wrote:
Hi James,
This result is same as what you will get on executing the following prepared
statement:
conn.prepareStatement("select empid from empdemo where name in (?)");
pstmt.setString(1,"'Person 1','Person 2','Person 3'");
pstmt3.execute();
Workshop's DBControl internally uses a PreparedStatement, hence you would
obtain the same result.
To get it working, you will need to pass in the 3 strings separately
as
below:
conn.prepareStatement("select empid from empdemo where name in
pstmt.setString(1,"Person 1");
pstmt.setString(1,"Person 2");
pstmt.setString(1,"Person 3");
Please do let me know if you have further queries regarding the issue.
Regards,
Anurag
Workshop Support
"James Chamberlain" <[email protected]> wrote in message
news:[email protected]...
Hi,
I am having problems with the sql parameter substitution. I have aquery
that
looks like this:
select name,value from table where name in ('name1','name2');
I have tried building a string that equals "'name1','name2'" and passingit as
a parameter to sql entering the javaDoc comments like:
select name,value from table where name in ({nameString})
The problem is that when it is substituted and set to the databaseit
looks like
this:
select name,value from table where name in ('\'name1\',\'name2\'');
This will not work. Does anyone have any suggestions on how to do thisusing a
database control. Basically I'm looking for the ability to create dynamicsql
statements.
Thanks for your help.
Regards,
James -
Escaping "curly apostrophe" for a sql statement
Hi,
I'm trying to escape the curly apostrophe for a sql statement, i.e.,
Bob’s . I tried using the following
string str = inputStr.Replace("'","''");
Of course, this doesn't work.
Thanks!Replace has 2 overloads. One uses 2 strings while the other uses 2 char parameters. Run this code on text pasted from each application.
static string ReplaceString()
string input =
"O'Hara";
foreach ( Char c
in input )
Console.WriteLine(c.ToString() +
" = " + Convert.ToInt32(c).ToString());
return input.Replace("'",
String.Empty);
Compare the values returned for the character. Then use the char value from Word and replace it with the char value from Notepad in the other overload that takes 2 char parameters.
Are you using a TextBox or a RichTextBox?
Mark the best replies as answers. "Fooling computers since 1971."
http://rudedog2.spaces.live.com/default.aspx -
I'm not sure if this is a CR or BOE question but I'll post here first.
Is there any way to change the parameter order of a SQL Command Parameter?
I know it usually goes by the alphabetical order of the parameter name (i.e.: SQL Parameter name "StartDate" and "EndDate" would actually prompt EndDate first then StartDate).
I guess I can easily try to change the wording of the parameter names and that's what I did (I changed it to "1StartDate" and "2EndDate"). It prompts correctly in CR when I preview it... but when I bring it up to BOE and run the report there, it will prompt me the 2EndDate first instead of 1StartDate.
Any ideas?James,
I have changed appropriately to match alphabetically (eg. Begin & End)... and like always, Crystal will display the prompt correctly and in correct when refreshing the report. But once I bring it up on BOE, it will prompt for End first then Begin.
Brian,
Thanks for your suggestion. However, I am aware of the parameter orders in the parameter viewer. While the parameter order list applies to parameter used on the actual report, it does not apply to the order SQL Command Parameters are for some reason. Regardless, it has always been set in the order I'd like it... just that when it comes to the SQL Parameter part, it never follows.
Could this be a BOE issue then? -
How do u setup SQL parameter in .NET OLEDataAdapter. I tried to follow .NET sample to use ? but it doesn't work. Any idea? TIA
If you want to select all items you should use a query without a WHERE clause:
Select Id from table1
Please refer to the following page for more information about how to add a new query to your table adapter:
https://msdn.microsoft.com/en-us/library/kda44dwy.aspx.
You could call the new method with the new query "FillAll" or something.
You cannot select all values by passing some magic parameter value to the FillBy_Id query since it takes an id value to filter on.
Please remember to close your threads by marking helpful posts as answer and then start a new thread if you have a new question. Please don't post several questions in the same thread. -
Pl/sql parameter portlet - need some help/advice - how to create
I want to create a pl/sql portlet that accepts a parameter and on submit passes the parameter to other portlets (sql reports) these are then automatically run to display the new data.
E.g.
parameter portlet = deptno
On submit
Sql reports then refreshed using the parameter
I am aware, and have tried the mycompnay demo, which works exactly as I want but the parameter portlet cannot be amended and is written in Java.
I need a pl/sql equivalent so I can tailor the code.
Any advice examples or guidance would be really appreciated.
Thanks in anticipation.
SDHi,
You can use a form portlet to accept parameters and then call a report in the success procedure of the form. In this example it calls a report with the value in the flightno field.
declare
flightno number;
blk varchar2(10) := 'DEFAULT';
begin
flightno := p_session.get_value_as_varchar2(
p_block_name => blk,
p_attribute_name => 'A_FLIGHT_NO');
call('SJDEMO30.report1.show?p_arg_names=flightno&p_arg_values='||
flightno);
end;
Thanks,
Sharmila -
How to put Check Boxes in a SQL Report?
Hi All,
I have a SQL Report in my application. I want to put check box for each row of the report. How can I achieve that in APEX?
Here is my application page.
http://apex.oracle.com/pls/otn/f?p=20420:4:
Under the "Select" column heading I want to add the check box for each row of the report.
So that User select that row and when he clicks on Generate report It should generate its report.
The report should generate if user selects multiple rows also.
Workspace : alaka
username : [email protected]
Password : earth
Thanks
AlakaHi,
But I could not able to find whether the check box is checked or not.
In the apex page , button is provided and the checked rows "empno" should pass to next page hidden item when the button is clicked.
I tried apex_ITEM.CHECKBOX(1,empno,'CHECKED') by passing in the URL on click of the button. But it passes the test " apex_ITEM.CHECKBOX(1" to the item in the next page. And not checked values.
Here is my application page.
http://apex.oracle.com/pls/otn/f?p=20420:4:
Workspace : alaka
username : [email protected]
Password : earth
Application: TEST 20420
Page : 4
The button "Generate Report" is provided in the page. On click of this button the checked values should pass to the next page.
Please help me in this.
Thanks
Alaka -
How to put data into a RFC import parameter structure from portal
Hi, All,
I have a RFC in which an import parameter is a structure (not a table). I want to put data into that structure. I know how to put data into a table or a string. I tried to use
IRecordSet MyTABStr = (IRecordSet)structureFactory.getStructure(function.getParameter("MYTABSTR").getStructure());
MyTABStr.setString("FIELD1", value1);
MyTABStr.setString("FIELD2", value2);
importParams.put("MYTABSTR",MyTABStr);
But it works for table not structure. Is there anybody know how to do that?
Thanks in advance!
MeiyingHi,
You can try the following code -
IRecord structure = (IRecord)structureFactory.getStructure(function.getParameter("MYTABSTR").getStructure());
structure.setString("FIELD1", value1);
structure.setString("FIELD2", value2);
importParams.put("MYTABSTR",structure);
Regards,
Sudip -
Matching apostrophe's using sql LIKE
heh anyone,
Does anyone know how to match a string that has more than one apostrophe in it under SQL using the LIKE statement..
eg. finding the data string "Surprise Me Bits 'N' Baskets '" in a database table?
...WHERE store LIKE 'Sur%' <- this doesn't work of course as it throws an SQL exception because of the '.
regards
JKIt's ok, solved it. The answer if you are using it in a JSP and feeding in the string to search on is:
String sur = from where ever...
WHERE store LIKE " + "\"" + Sur + "%\"";
cheers
JK -
hi all, i keep having this syntax error with sql statement with words like I'm, she's..etc. any words with apostrophe's is misunderstood by sql. have searched for various solutions and tried this but it still doesnt work:
String name=request.getParameter("name");
String newname=name.replaceAll(" ' "," ' ' ");
//(im replacing one apostrophe with 2 of them.)
String sqlInsert = "insert into prod values(" + " ' " + newname " ' )";
what is wrong with this? thanksThe correct answer here is the PreparedStatement (not that the other suggesstions won't work, but you should replace ' with '', that's single quote with double single quote, not single quote for double quote).
As mentioned earlier all this will be taken care of. if you use PreparedStatement You should get in the habit of using them anyway. It eliminates nearly all kinds of formatting problems, dates, variables with punctuation, etc. Save yourself from having many more problems, use PreparedStatement. -
I am using the database connectivity (ADO based) tool and I want to be able to insert a null values.
I have included a simple VI that demonstrates how this works with SQL toolkit .
Null values are very useful and occur frequently in dealing with data. I wish that LabVIEW handled them much better - (e.g. there is not datatype in LabVIEW corresponding to a Null value).The VI was not attached but I'm going to answer with what I have here.
- Currently, the Database Toolset converts NULLs to the default value for LabVIEW data types (ie, False for Boolean, empty strings, zero for numbers, empty arrays, etc). In the user manual there is an example that shows database records containing NULL values being first converted to a string, empty strings (the NULLs) are then converted to NaNs instead of the usual zero value. This method requires you to know what data types each field contains and that they know what to look for and how to convert the data.
You can go to this following link to suggest that a null datatype be implemented:
https://sine.ni.com/apps/we/nicc.call_me?p_country=&p_lang_id=US&p_form_id=58
-Also you cannot leave par
ameters values empty because there is a big difference between executing an SQL statement and doing a Parameterized Query, especially when looking at the low-level ADO layer.When doing Parameterized Queries, you MUST specify all parameter values - leaving them empty results in ADO trapping errors rather than using a default value.
Regards,
Cyril Bouton
Applications Engineer
National Instruments
Cyril Bouton
Active LabVIEW Developper -
Query for required out put as mention below in SQL
HAI..
all
I HAVE A TABLES LIKE
SQL> SELECT *FROM A;
PCK PN
1 BIKES
2 COMPONENTS
SQL> SELECT *FROM B;
PSC PCK SBNAME
1 1 RASEBAIKE
2 1 SPEEDBIKE
3 2 MOTHERBORD
4 2 HARDIDSK
5 1 SPORTSBIKE
6 2 RAM
SQL> SELECT PN,SBNAME,COUNT(*) FROM A,B WHERE A.PCK=B.PCK GROUP BY ROLLUP(PN,SBNAME);
PN SBNAME COUNT(*)
BIKES RASEBAIKE 1
BIKES SPEEDBIKE 1
BIKES SPORTSBIKE 1
BIKES 3
COMPONENTS RAM 1
COMPONENTS HARDIDSK 1
COMPONENTS MOTHERBORD 1
COMPONENTS 3
6
I want output like this how to avoid duplicates in PN column in SQL
OUTPUT
1 BIKES
1 RASEBAIKE
2 SPEEDBIKE
5 SPORTSBIKE
2 COMPONENTS
3 MOTHERBORD
4 HARDIDSK
6 RAMKindly place \ before and after your data and code \try this
with a as
select 1 pck, 'BIKES' pn from dual union
select 2, 'COMPONENTS' from dual
, b as
select 1 psc, 1 pck, 'RASEBAIKE' sbname from dual union
select 2, 1, 'SPEEDBIKE' from dual union
select 3, 2, 'MOTHERBORD' from dual union
select 4, 2, 'HARDIDSK' from dual union
select 5, 1, 'SPORTSBIKE' from dual union
select 6, 2, 'RAM' from dual
select case
when nvl(a.pn, 'ALL') = lead(a.pn) over (partition by a.pn order by a.pn) then
null
else
nvl(a.pn, 'ALL')
end pn
,b.sbname
,count(*)
from a, b
where a.pck = b.pck
group by rollup(a.pn, b.sbname)
PN SBNAME COUNT(*)
RASEBAIKE 1
SPEEDBIKE 1
SPORTSBIKE 1
BIKES 3
HARDIDSK 1
MOTHERBORD 1
RAM 1
COMPONENTS 3
ALL 6if you want the output as follows:
PN SBNAME COUNT(*)
BIKES RASEBAIKE 1
SPEEDBIKE 1
SPORTSBIKE 1
3
COMPONENTS HARDIDSK 1
MOTHERBORD 1
RAM 1
3
ALL 6then simply modify LEAD to LAG -
If checkbox is checked, put values in select-options and parameter...
Hello Experts,
Based on my selection-screen below, How do I fill p_eindt and p_monat with values if
the user clicked on the checkbox p_end? Below is my selection-screen:
SELECTION-SCREEN BEGIN OF BLOCK b2 WITH FRAME TITLE text-003.
SELECTION-SCREEN BEGIN OF BLOCK 1 WITH FRAME TITLE text-001.
PARAMETER: p_bukrs TYPE bukrs OBLIGATORY.
SELECT-OPTIONS: p_werks FOR wa_ekpo-werks OBLIGATORY NO INTERVALS,
p_bsart FOR ekko-bsart OBLIGATORY NO INTERVALS,
p_eindt FOR eket-eindt OBLIGATORY,
p_ebeln FOR ekko-ebeln.
PARAMETER: p_monat TYPE monat OBLIGATORY,
p_gjahr TYPE gjahr OBLIGATORY.
SELECTION-SCREEN END OF BLOCK 1.
SELECTION-SCREEN BEGIN OF BLOCK b1 WITH FRAME TITLE text-002.
PARAMETER: p_end AS CHECKBOX.
SELECTION-SCREEN END OF BLOCK b1.
SELECTION-SCREEN END OF BLOCK b2.
Hope you can help me guys.Thank you and take care!Hi,
For F4 help for any input value in selection screen u can use:
Ex:
AT SELECTION-SCREEN ON VALUE-REQUEST FOR p_eidnt-LOW.
SELECT DISTINCT edint INTO TABLE IT_ab FROM <tablename>..
CALL FUNCTION 'F4IF_INT_TABLE_VALUE_REQUEST'
EXPORTING
DDIC_STRUCTURE =
RETFIELD = 'eindt'
PVALKEY = ' '
DYNPPROG = W_REPID
DYNPNR = W_DYNNR
DYNPROFIELD = 'p_eindt-LOW'
STEPL = 0
WINDOW_TITLE = 'Plant'
VALUE = ' '
VALUE_ORG = 'S'
MULTIPLE_CHOICE = 'X'
DISPLAY = ' '
CALLBACK_PROGRAM = ' '
CALLBACK_FORM = ' '
MARK_TAB = 'X'
IMPORTING
USER_RESET =
TABLES
VALUE_TAB = it_abc
FIELD_TAB =
RETURN_TAB = IT_RETURN
DYNPFLD_MAPPING =
EXCEPTIONS
PARAMETER_ERROR = 1
NO_VALUES_FOUND = 2
OTHERS = 3
IF SY-SUBRC <> 0.
MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
Try this.
Regards,
Vani. -
Hell,<br /><br />After I write pdf form, when I clicked the <submit button> in pdf form, I want to save data to MS SQL SERVER.<br /><br />I use Adobe Livecycle desinger v.8.1 program.<br /><br />My question is,<br />1. How to query with <where> statment <br /> ex) SELECT * FROM pubs WHERE title_id = '<param>'<br /><br />2. How to save to MS SQL SERVER<br /> ex) INSERT INTO pubs VALUES ('<param1>','<param2>',...)<br /><br />Thanks for any help that you can give!
A warning which I hope is appropriate... even if you have taken care
of this, it may help other people who read this. The code you have
written will leave your SQL server wide open to attacks of the kind
which have compromised many web sites recently, so your server can be
used for sending spam, collecting passwords, stealing credit card
details etc.
Be sure you know what "SQL injection" is. You MUST check in detail all
of the data that you insert into an SQL command, even simple SELECT
statements, or you can be attacked. See the Wikipedia entry on SQL
Injection to get started.
Aandi Inston -
Putting resultset Data into sql server 2000
hello,
I have some trouble with putting my Date into the sql server. I'm very confused about this and gives me a lot of headage!
This is my code:
public void GenerateAlarms(StringBuffer alarmsLeft) throws Exception
try
statement = conn.createStatement();
rsGenerate = statement.executeQuery("SELECT event_it, oplcl_id, host_id, app_id, sev_id, alarm_id,desc_id, prodef_id, alert_id, date_time FROM ScenarioFive");
int saveCheck;
sqlInsert.setInt(1, 1);
sqlInsert.setDate(2, rsGenerate.getDate(10));
sqlInsert.setInt(3, 1);
sqlInsert.setInt(4, 1);
sqlInsert.setInt(5, 2);
sqlInsert.setInt(6, 0);
sqlInsert.setInt(7, 2);
sqlInsert.setInt(8, 1);
sqlInsert.setInt(9, 2);
sqlInsert.setInt(10, 4);
saveCheck = sqlInsert.executeUpdate();
if (saveCheck == 0)
conn.rollback();
System.out.println("Alarms not Updated in new Database");
else
conn.commit();
rs.deleteRow();
catch (Exception e)
System.err.println("Got an exception! ");
System.err.println(e.getMessage());
System.out.println("Foult at insert alarms");
The error is Got an exception!
[Microsoft][ODBC Driver Manager] Invalid cursor state
OF course i have a Connection function to the database, I will give this just in case (this one is oke I think)
public void connection()throws Exception
String driver = "sun.jdbc.odbc.JdbcOdbcDriver";
String url = "jdbc:odbc:MSSQL-Storm1";
String username = "sqldemo";
String password = "sqldemo";
Class.forName(driver);
//Establish the conCection to the database.
conn = DriverManager.getConnection(url, password, username);
System.out.println("We are got Connected to STORM: Sql Server Port:1433");
statement = conn.createStatement();
conn.setAutoCommit(false);
Thanks a lot!!Not a concern for an Oracle forum.
Als no need for SHOUTING.
Conventional solutions are
- dump the data to a csv file and load it in Mickeysoft SQL server
- use Oracle Heterogeneous services
- use Mickeysoft DTS
Whatever you prefer.
Sybrand Bakker
Senior Oracle DBA
Maybe you are looking for
-
Dear All, I have implemented the RRI in BW . Its working fine. But there is one issue. Say user is in report A and he wants to go to Report B. Now in report A user has selected 3 characteristics and 3 key figures. Now he will right click on the repor
-
Lcds 2.5.1 with Flex 3?
We are running lcds 2.5.1 on our server, with an existing Flex 2.0 web app. We're now looking at upgrading our Flex code to Flex 3. Can we still use the existing 2.5.1 installation?
-
Preview webpages in TOP SITES not loading
Preview webpages on TOP SITES not loading. Visible is momentary blink loaded pages. I have Safari 5.1.7 on Windows 8. Please help me solve the problem.
-
Anybody know how to troubleshoot this scan error?
-
Export Under Rebate Pricing Procedure Configuration
Hi SD professionals, My Client have practice of export under rebate in which they used to export the goods by utilizing balances available in RG23A/RG23C. They charge excise with regular excise rates & but this duties are not charged to the custome