Replace single quotes
I know that I have to trap the single quotes when inserting names, streets, etc.
I tried to use replace() and to replace the single ones with 2 singles. Could somebody help me with the syntax as I'm getting all the time errors. Here is the code:
Insert into t1 values(Last_name, First_name, Street)
Last_name = 'last_Name's+app', First_name = first_name's_app', Street = 'street's_app'
Insert into t1 values((Replace(last_name, ','')), (replace(First_name,',''),(replace(Street,','')))
Also, do I need to worry when I passing the single quotes to the calling program?
Thanks a lot.
MJ
Check this out.
SQL> desc mytable
Name Null? Type
COL1 VARCHAR2(20)
COL2 NUMBER(2)
SQL> insert into mytable values('last_name''s+app',1);
1 row created.
SQL> select * from mytable;
COL1 COL2
last_name's+app 1
Similar Messages
-
Replace Single Quote with double quote
Hi All,
I have a String s="help'me'to'replace";
i want to replace single quote( ' ) in to double quote ( " )
The final out put should be like this help"me"to"replace
( Actually this string i have to pass in to an XML )
Please help any ones.replaceAll("'","\"");{code}
or just one of the String#replace() methods.
Edited by: sabre150 on Mar 17, 2009 11:48 AM -
How to replace single quote with double quote
hai all,
i have a problem,
i am trying insert a string containing single quote into ms-access database.
it is giving error.
how can i avoid this .if i replace a single quote in the text with double quote it will defenitely
insert into database.
in java.lang.String
replace () will not work to replace quote with double quote.
any otherway to solve this problem.
please mail me to [email protected]
thank you
sambareddy
inidajava.lang.String.replace () will not work to replace quote with double quote.Really?
String x = ...
x.replace( "'", "\"" ); -
SQL Injection, replace single quote with two single quotes?
Is replacing a single quote with two single quotes adequate
for eliminating
SQL injection attacks? This article (
http://www.devguru.com/features/kb/kb100206.asp
) offers that advice, and it
enabled me to allow users to search name fields in the
database that contain
single quotes.
I was advised to use "Paramaterized SQL" in an earlier post,
but I can't
understand the concept behind that method, and whether it
applies to
queries, writes, or both.Then you can use both stored procedures and prepared
statements.
Both provide better protection than simply replacing
apostrophes.
Prepared statements are simple:
Set myCommand = Server.CreateObject("ADODB.Command")
...snip...
myCommand.CommandText = "INSERT INTO Users([Name], [Email])
VALUES (?, ?)"
...snip...
myCommand.Parameters.Append
myCommand.CreateParameter("@Name",200,1,50,Name)
myCommand.Parameters.Append
myCommand.CreateParameter("@Email",200,1,50,Email)
myCommand.Execute ,,128 'the ,,128 sets execution flags that
tell ADO not to
look for rows to be returned. This saves the expense of
creating a
recordset object you don't need.
Stored procedures are executed in a similar manner. DW can
help you with a
stored procedure through the "Command (Stored Procedure)"
server behavior.
You can see a full example of a prepared statement by looking
at DW's
recordset code after you've created a recordset using version
8.02.
"Mike Z" <[email protected]> wrote in message
news:eo5idq$3qr$[email protected]..
>I should have repeated this, I am using VBScript in ASP,
with an Access DB.
> -
Replaceing single quote in error message
Hi,
Iam trying following to get and insert into ERROR_LOG table:-
SUBSTR('<%=odiRef.getPrevStepLog("MESSAGE")%>',1,1000)
It is throwing up an error when it is trying to insert into ERROR_LOG Table,the reason is error message has got following :-
' PLS-00201: identifier 'III_1742_2013011901' must be declared'
i.e quote with in a quote if i take that one out from error message i can insert into ERROR LOG Table.
How can we avoid this in ODI odiRef.getPrevStepLog message?
Cheerstry to replace the character or read after PLS.
You can give a try like below. This should be done inside script let.
odiRef.getPrevStepLog("MESSAGE").replace("'","") -
Replace single quote with two single quotes
Hi all,
I have a value = ABCD'S(>@!23. i want to replace the value as ABCD''S(>@!23.
Thanks in advanceWhat is your database version ? Q operator works from 10G onwards.
SQL*Plus: Release 10.2.0.1.0 - Production on Tue Nov 23 14:35:38 2010
Copyright (c) 1982, 2005, Oracle. All rights reserved.
SQL> conn hr
Enter password:
Connected.
SQL> CREATE TABLE test_Q_operator(str VARCHAR2(30));
Table created.
SQL> INSERT INTO test_Q_operator VALUES('ABCD''S(>@!23');
1 row created.
SQL> INSERT INTO test_Q_operator VALUES('Saubhik''s test row');
1 row created.
SQL> commit;
Commit complete.
SQL> SELECT str,REPLACE(str,Q'[']',Q'['']') col2
2 FROM test_Q_operator;
STR
COL2
ABCD'S(>@!23
ABCD''S(>@!23
Saubhik's test row
Saubhik''s test row
SQL>Also check you SQL*PLUS client version. -
I am an ASP developer and new to JSP. I want to know that how we can replace a singlequote( ' ) in a string, like we do by "replace" function in ASP.
What do you mean by replacing the (') if you want to use the (') or (") in the String then you can use
\" or \' -
How to use a single quote string in where condition
Hi,
I have one problem in building a query.
SELECT agx_drug_indication.record_id, agx_drug_indication.fk_ad_rec_id,
agx_drug_indication.drugindicationmeddraver, agx_drug.record_id,
agx_drug.fk_apat_rec_id,
REPLACE (agx_drug.medicinalproduct, '''', '''') AS "MEDICINALPRODUCT",
pack_imp_objects.fn_get_arisg_code
(147,
agx_drug_indication.drugindicationmeddraver
) AS "DRUGINDICATIONMEDDRAVER",
agx_drug.drugindication,
NVL (agx_drug.drugcharacterization, 1) AS "DRUGCHARACTERIZATION",
agx_safety_report.record_id, agx_safety_report.case_identifier_no,
agx_safety_report.fk_apat_rec_id,
pack_imp_objects.fn_meddra_llt_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver,
1
) AS "LLT_CODE",
pack_imp_objects.fn_meddra_soccode_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver
) AS "PRIMARY_SOC_CODE",
pack_imp_objects.fn_meddra_soccode_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver
) AS "CASE_SOC_CODE",
pack_imp_objects.fn_meddra_pt_matching
(agx_drug_indication.drugindication,
agx_drug_indication.drugindication,
agx_drug_indication.drugindicationmeddraver
) AS "PT_CODE",
pack_imp_objects.fn_get_aer_id (11) AS "AER_ID"
FROM agx_drug_indication,
agx_drug,
agx_safety_report
WHERE agx_drug_indication.fk_ad_rec_id = agx_drug.record_id
AND agx_drug.fk_apat_rec_id = agx_safety_report.fk_apat_rec_id
AND agx_safety_report.case_identifier_no IS NOT NULL
AND agx_drug_indication.drugindication IS NOT NULL
AND agx_drug.medicinalproduct =
REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
In the above query last line '-qVAGX_DRUG.MEDICINALPRODUCT' is a dynamic variable which may or may not contain the single quotes.
Ex: ABC's or just ABC.
The query has to support both single quote and without quote in it.
I wanted everything to be done in the sinlq query on not a PL/SQL Block.
Please help me ASAPkumar0828 wrote:
<font color="#FF0000"> ... </font>
REPLACE (agx_drug.medicinalproduct, '''', '''') AS "MEDICINALPRODUCT",
<font color="#FF0000"> ... </font> <pre>
REPLACE (agx_drug.medicinalproduct, '<font style="background-color: #E7FA6B">''</font>', '<font style="background-color: #E7FA6B">''</font>')
</pre>
With the above statement you are replacing single quote with another single quote
(which is nonsense).
<font color="#FF0000"> ... </font>
AND agx_drug.medicinalproduct = REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
In the above query last line '-qVAGX_DRUG.MEDICINALPRODUCT' is a dynamic variable which may or may not contain the single quotes.This is not a dynamic variable but a string value:
<pre>
AND agx_drug.medicinalproduct =
REPLACE (<font style="background-color: #FF3D55">'*</font>-qVAGX_DRUG.MEDICINALPRODUCT<font style="background-color: #FF3D55">*'</font>, '<font style="background-color: #E7FA6B">''</font>', '<font style="background-color: #E7FA6B">''</font>')
</pre>
*-qVAGX_DRUG.MEDICINALPRODUCT* <pre>
AND agx_drug.medicinalproduct =
REPLACE (<font style="background-color: #FF3D55">q'*</font>-qVAGX_DRUG.MEDICINALPRODUCT<font style="background-color: #FF3D55">*'</font>, '<font style="background-color: #E7FA6B">''</font>', '<font style="background-color: #E7FA6B">''</font>')
</pre>
-qVAGX_DRUG.MEDICINALPRODUCT q'[a]' => a
q'[a']' => a'
q'[a'']' => a''
q'*a*' => a
q'*a'*' => a'
q'*a''*' => a''
A variable also cannot contain a dot (.):
<pre>VAGX_DRUG<font style="background-color: #FF3D55">.</font>MEDICINALPRODUCT</pre>
Ex: ABC's or just ABC.
The query has to support both single quote and without quote in it.
I wanted everything to be done in the sinlq query on not a PL/SQL Block.
Please help me ASAPTry this:
<pre>
AND agx_drug.medicinalproduct = MY_VARIABLE
</pre> -
How to replace double quotes with a single quote in a string ?
Hi All:
Can some one tell me how to replace double Quote (") in a string with a single quote (') ? I tried to use REPLACE function, but I couldn;t get it worked.
My example is SELECT REPLACE('STN. "A"', '"', ''') FROM Dual --This one throws an error
Thanks,
Dima.Whether it is maybe not the more comfortable way, I like the quoting capabitlity from 10g :
SQL> SELECT REPLACE('STN. "A"', '"', q'(')') FROM Dual;
REPLACE(
STN. 'A'{code}
Nicoals. -
Replace a string single quote(') with underscore(_)
I have more than 100 tables in a schema.
I have to find out if a string has a single quote in the column and replace it with an underscore.
I have 2 columns CREATE_USER and UPDATE_USER in all the tables. Now i want to update the values if the string has a single quote in it.
I tried it with execute immediate but it is not allowing underscore in the statement.
DECLARE
v_table_name VARCHAR2 (30);
v_column_name VARCHAR2 (30);
CURSOR c_name
IS
SELECT DISTINCT table_name, column_name
FROM user_tab_cols
WHERE column_name IN ('LOGIN', 'CREATE_USER', 'UPDATE_USER')
AND table_name NOT LIKE '%JN';
BEGIN
FOR rec IN c_name
LOOP
v_table_name := rec.table_name;
v_column_name := rec.column_name;
EXECUTE IMMEDIATE 'update '
|| v_table_name
|| ' set '
|| v_column_name
|| ' = REPLACE('
|| v_column_name
|| ','''',"_") where '
|| v_column_name
|| ' like "%''%"';
END LOOP;
END;
/i am getting the below error:
ORA-00904: "%'%": invalid identifier
ORA-06512: at line 17Can anyone let me know what is the error in the statement and how to overcome itplease try to replace your execute immediate with:
EXECUTE IMMEDIATE 'update '
|| v_table_name
|| ' set '
|| v_column_name
|| ' = REPLACE('
|| v_column_name
|| ','''''''',''_'') where '
|| v_column_name
|| ' like ''%''''%''';You can check the statement when you take a look at the construction before like this:
declare
v_sql varchar2(1000);
begin
v_sql:= 'update '
|| v_table_name
|| ' set '
|| v_column_name
|| ' = REPLACE('
|| v_column_name
|| ','''''''',''_'') where '
|| v_column_name
|| ' like ''%''''%''';
dbms_output.put_line(v_sql);
execute immediate v_sql;
...Edited by: hm on 23.11.2010 01:43 -
Replacing " (double quote) with ' (single quote)
Hi there,
I have the following method to manipulate user input. All I want to do is, to replace the double quote with a single quote. The implementation I tried was,
this.replace(desc, "\"", "'");
This does not work for me. It jsut removes the double quote and does not introduces the single quote. Could any one please advise?
Thanks,
Des
public static String replace(String line, String oldString, String newString) {
if(line != null && oldString != null && newString != null) {
int index = 0;
while ((index = line.indexOf(oldString, index)) >= 0) {
line = line.substring(0, index) +
newString +
line.substring(index + oldString.length());
index += newString.length();
return line;
}Bad luck.. I am unable to get it still.
This is the code I am using (implemetation is in a JSP. I am using this code to test it).
public class Test{
public static void main(String args[]){
String s = args[0];
Test t = new Test();
String doubleQuote = "\"";
System.out.println(" output :"+ t.replace(s,doubleQuote,"'"));
//System.out.println(" output :"+ t.replace(s,"\"","'"));
//System.out.println(" output :"+ t.replace('"', '\''));
public static String replace(String line, String oldString, String newString) {
if(line != null && oldString != null && newString != null) {
int index = 0;
while ((index = line.indexOf(oldString, index)) >= 0) {
System.out.println(" line count :");
line = line.substring(0, index) +
newString +
line.substring(index + oldString.length());
index += newString.length();
return line;
}mshn02
The main problem is I am stuck with the server's version of Java (which I have no control on it). I could not use 1.4.2 -
Identify and replace a single quote in an In Parameter
Can anyone tell me the syntax for finding and replacing a single quote in a user entered string? Thanks.
Cav,
I tried this:
insert into emp values (9999,''''||'Must', 'ddd',7902, sysdate, 2000, null, 10) ;
select * from emp;
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
7369 SMITH CLERK 7902 17-12-1980 800 20
7499 ALLEN SALESMAN 7698 20-02-1981 1600 300 30
7521 WARD SALESMAN 7698 22-02-1981 1250 500 30
7566 JONES MANAGER 7839 02-04-1981 2975 20
7654 MARTIN SALESMAN 7698 28-09-1981 1250 1400 30
7698 BLAKE MANAGER 7839 01-05-1981 2850 30
7782 CLARK MANAGER 7839 09-06-1981 2450 10
7788 SCOTT ANALYST 7566 19-04-1987 3000 20
7839 KING PRESIDENT 17-11-1981 5000 10
7844 TURNER SALESMAN 7698 08-09-1981 1500 0 30
7876 ADAMS CLERK 7788 23-05-1987 1100 20
7900 JAMES CLERK 7698 03-12-1981 950 30
7902 FORD ANALYST 7566 03-12-1981 3000 20
7934 MILLER CLERK 7782 23-01-1982 1300 10
9999 'Must ddd 7902 29-08-2005 2000 10
select * from emp where ename = ''''||'Must';
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
9999 'Must ddd 7902 29-08-2005 2000 10Hope this helps
Ghulam -
Firefox is replacing double quotes with single quotes.
In WordPress and at other sites where I input and save text, Firefox is replacing double quotes with single quotes when I save. It's also showing double quotes as single quotes on websites. I tried uninstalling and reinstalling, and it's still happening.
Do you have the needed font installed?
*http://en.wikipedia.org/wiki/Punctuation -
Can I quote a single quote character so that I can use it in Replace()
Hi. How can I quote a single quote character so that I can use it in the Replace() function below. I'm attempting to query first_name records that contain a '.
select first_name, last_name
from ttms.prospect
where instr(first_name,"'") > 0
ERROR at line 3:
ORA-00904: "'": invalid identifierHi,
String literals are enclosed in single-quotes (not double-quotes).
To use a single-quote within a string literal, use two of them:
WHERE INSTR (first_name, '''') > 0In Oacle 10 (and up) you can also use Q-Notation:
WHERE INSTR (first_name, q'[']') > 0but you may find this more confusing for short literals containing only one single-quote.
Edited by: Frank Kulash on Mar 11, 2009 4:52 PM -
Report parameter field value has a single quote. need to escape before pass
Report has a parameter whose value might have a single quote in it. If I pass that value directly into the SQL Command... like
where ... user_name = {?parm_user_name}...
which would translate to
user_name='O'Donnel Honda'
I am getting an error... so would like to convert this parameter value into 'O''Donnel Honda' before passing into the query.
I created a formula called parse_user_name with following:
Replace ({?parm_user_name}, "'", "''")
And used in the query like
where ... user_name = {@parse_user_name}...
I am getting an error like invalid SQL92 character...I think you should use the condition like this
where ... user_name = '{?parm_user_name}'
keep the parameter in single quote at the command level itself.
Now use the same formula like
replace({?Parameter},"'","''")
This works only if the parameter is a single value parameter but not multi value parameter.
Regards,
Raghavendra
Maybe you are looking for
-
BSD/Darwin Names of Hard Disk Drives
Hello! A question just out of curiosity: In what order does Mac OS X assign names/numbers to the system's hard disks? I am wondering because I mounted an old 2.5" inch drive (originally from my tangerine iBook) formated as MBR/FAT32 into a G4-533 (di
-
Hi All, Does anyone know how to create a tcode for reports created in FGI3? I tried assigning the program name into a tcode but when I am trying to run the new tcode the selection screen is different from the report painter and it does not retrieved
-
Hello, I already have the IPOD mini and just purchased IPOD 60 GB. The instructions recommended that I install the software that came with the device, but it won't completely install. I am afraid to uninstall itunes and quick time for fear that I wil
-
I have a small blue D icon next to some text messages after the 10.2.1 update. I cannot find any information on what that icon is. I have a screen grab but cannot attach the picture. Solved! Go to Solution.
-
Automate Guest account creation?
I need to create multiple users for guest wifi (+200) using the Lobby Admin account, is there a way to either create a template, csv file, or any other way to automate this and import it into the WLC as opposed to creating each account individually?