Replace single quotes

I know that I have to trap the single quotes when inserting names, streets, etc.
I tried to use replace() and to replace the single ones with 2 singles. Could somebody help me with the syntax as I'm getting all the time errors. Here is the code:
Insert into t1 values(Last_name, First_name, Street)
Last_name = 'last_Name's+app', First_name = first_name's_app', Street = 'street's_app'
Insert into t1 values((Replace(last_name, ','')), (replace(First_name,',''),(replace(Street,','')))
Also, do I need to worry when I passing the single quotes to the calling program?
Thanks a lot.
MJ

Check this out.
SQL> desc mytable
Name                                      Null?    Type
COL1                                               VARCHAR2(20)
COL2                                               NUMBER(2)
SQL> insert into mytable values('last_name''s+app',1);
1 row created.
SQL> select * from mytable;
COL1                       COL2
last_name's+app               1

Similar Messages

  • Replace Single Quote with double quote

    Hi All,
    I have a String s="help'me'to'replace";
    i want to replace single quote( ' ) in to double quote ( " )
    The final out put should be like this help"me"to"replace
    ( Actually this string i have to pass in to an XML )
    Please help any one

    s.replaceAll("'","\"");{code}
    or just one of the String#replace() methods.
    Edited by: sabre150 on Mar 17, 2009 11:48 AM                                                                                                                                                                                                                                                               

  • How to replace single quote with double quote

    hai all,
    i have a problem,
    i am trying insert a string containing single quote into ms-access database.
    it is giving error.
    how can i avoid this .if i replace a single quote in the text with double quote it will defenitely
    insert into database.
    in java.lang.String
    replace () will not work to replace quote with double quote.
    any otherway to solve this problem.
    please mail me to [email protected]
    thank you
    sambareddy
    inida

    java.lang.String.replace () will not work to replace quote with double quote.Really?
    String x = ...
    x.replace( "'", "\"" );

  • SQL Injection, replace single quote with two single quotes?

    Is replacing a single quote with two single quotes adequate
    for eliminating
    SQL injection attacks? This article (
    http://www.devguru.com/features/kb/kb100206.asp
    ) offers that advice, and it
    enabled me to allow users to search name fields in the
    database that contain
    single quotes.
    I was advised to use "Paramaterized SQL" in an earlier post,
    but I can't
    understand the concept behind that method, and whether it
    applies to
    queries, writes, or both.

    Then you can use both stored procedures and prepared
    statements.
    Both provide better protection than simply replacing
    apostrophes.
    Prepared statements are simple:
    Set myCommand = Server.CreateObject("ADODB.Command")
    ...snip...
    myCommand.CommandText = "INSERT INTO Users([Name], [Email])
    VALUES (?, ?)"
    ...snip...
    myCommand.Parameters.Append
    myCommand.CreateParameter("@Name",200,1,50,Name)
    myCommand.Parameters.Append
    myCommand.CreateParameter("@Email",200,1,50,Email)
    myCommand.Execute ,,128 'the ,,128 sets execution flags that
    tell ADO not to
    look for rows to be returned. This saves the expense of
    creating a
    recordset object you don't need.
    Stored procedures are executed in a similar manner. DW can
    help you with a
    stored procedure through the "Command (Stored Procedure)"
    server behavior.
    You can see a full example of a prepared statement by looking
    at DW's
    recordset code after you've created a recordset using version
    8.02.
    "Mike Z" <[email protected]> wrote in message
    news:eo5idq$3qr$[email protected]..
    >I should have repeated this, I am using VBScript in ASP,
    with an Access DB.
    >

  • Replaceing single quote in error message

    Hi,
    Iam trying following to get and insert into ERROR_LOG table:-
    SUBSTR('<%=odiRef.getPrevStepLog("MESSAGE")%>',1,1000)
    It is throwing up an error when it is trying to insert into ERROR_LOG Table,the reason is error message has got following :-
    ' PLS-00201: identifier 'III_1742_2013011901' must be declared'
    i.e quote with in a quote if i take that one out from error message i can insert into ERROR LOG Table.
    How can we avoid this in ODI odiRef.getPrevStepLog message?
    Cheers

    try to replace the character or read after PLS.
    You can give a try like below. This should be done inside script let.
    odiRef.getPrevStepLog("MESSAGE").replace("'","")

  • Replace single quote with two single quotes

    Hi all,
    I have a value = ABCD'S(>@!23. i want to replace the value as ABCD''S(>@!23.
    Thanks in advance

    What is your database version ? Q operator works from 10G onwards.
    SQL*Plus: Release 10.2.0.1.0 - Production on Tue Nov 23 14:35:38 2010
    Copyright (c) 1982, 2005, Oracle.  All rights reserved.
    SQL> conn hr
    Enter password:
    Connected.
    SQL>  CREATE TABLE test_Q_operator(str VARCHAR2(30));
    Table created.
    SQL> INSERT INTO test_Q_operator VALUES('ABCD''S(>@!23');
    1 row created.
    SQL> INSERT INTO test_Q_operator VALUES('Saubhik''s test row');
    1 row created.
    SQL> commit;
    Commit complete.
    SQL> SELECT str,REPLACE(str,Q'[']',Q'['']') col2
      2  FROM test_Q_operator;
    STR
    COL2
    ABCD'S(>@!23
    ABCD''S(>@!23
    Saubhik's test row
    Saubhik''s test row
    SQL>Also check you SQL*PLUS client version.

  • Replacing single quote

    I am an ASP developer and new to JSP. I want to know that how we can replace a singlequote( ' ) in a string, like we do by "replace" function in ASP.

    What do you mean by replacing the (') if you want to use the (') or (") in the String then you can use
    \" or \'

  • How to use a single quote string in where condition

    Hi,
    I have one problem in building a query.
    SELECT agx_drug_indication.record_id, agx_drug_indication.fk_ad_rec_id,
    agx_drug_indication.drugindicationmeddraver, agx_drug.record_id,
    agx_drug.fk_apat_rec_id,
    REPLACE (agx_drug.medicinalproduct, '''', '''') AS "MEDICINALPRODUCT",
    pack_imp_objects.fn_get_arisg_code
    (147,
    agx_drug_indication.drugindicationmeddraver
    ) AS "DRUGINDICATIONMEDDRAVER",
    agx_drug.drugindication,
    NVL (agx_drug.drugcharacterization, 1) AS "DRUGCHARACTERIZATION",
    agx_safety_report.record_id, agx_safety_report.case_identifier_no,
    agx_safety_report.fk_apat_rec_id,
    pack_imp_objects.fn_meddra_llt_matching
    (agx_drug_indication.drugindication,
    agx_drug_indication.drugindication,
    agx_drug_indication.drugindicationmeddraver,
    1
    ) AS "LLT_CODE",
    pack_imp_objects.fn_meddra_soccode_matching
    (agx_drug_indication.drugindication,
    agx_drug_indication.drugindicationmeddraver
    ) AS "PRIMARY_SOC_CODE",
    pack_imp_objects.fn_meddra_soccode_matching
    (agx_drug_indication.drugindication,
    agx_drug_indication.drugindicationmeddraver
    ) AS "CASE_SOC_CODE",
    pack_imp_objects.fn_meddra_pt_matching
    (agx_drug_indication.drugindication,
    agx_drug_indication.drugindication,
    agx_drug_indication.drugindicationmeddraver
    ) AS "PT_CODE",
    pack_imp_objects.fn_get_aer_id (11) AS "AER_ID"
    FROM agx_drug_indication,
    agx_drug,
    agx_safety_report
    WHERE agx_drug_indication.fk_ad_rec_id = agx_drug.record_id
    AND agx_drug.fk_apat_rec_id = agx_safety_report.fk_apat_rec_id
    AND agx_safety_report.case_identifier_no IS NOT NULL
    AND agx_drug_indication.drugindication IS NOT NULL
    AND agx_drug.medicinalproduct =
    REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
    In the above query last line '-qVAGX_DRUG.MEDICINALPRODUCT' is a dynamic variable which may or may not contain the single quotes.
    Ex: ABC's or just ABC.
    The query has to support both single quote and without quote in it.
    I wanted everything to be done in the sinlq query on not a PL/SQL Block.
    Please help me ASAP

    kumar0828 wrote:
    <font color="#FF0000"> ... </font>
    REPLACE (agx_drug.medicinalproduct, '''', '''') AS "MEDICINALPRODUCT",
    <font color="#FF0000"> ... </font> <pre>
    REPLACE (agx_drug.medicinalproduct, '<font style="background-color: #E7FA6B">''</font>', '<font style="background-color: #E7FA6B">''</font>')
    </pre>
    With the above statement you are replacing single quote with another single quote
    (which is nonsense).
    <font color="#FF0000"> ... </font>
    AND agx_drug.medicinalproduct = REPLACE ('*-qVAGX_DRUG.MEDICINALPRODUCT*', '''', '''')
    In the above query last line '-qVAGX_DRUG.MEDICINALPRODUCT' is a dynamic variable which may or may not contain the single quotes.This is not a dynamic variable but a string value:
    <pre>
    AND agx_drug.medicinalproduct =
    REPLACE (<font style="background-color: #FF3D55">'*</font>-qVAGX_DRUG.MEDICINALPRODUCT<font style="background-color: #FF3D55">*'</font>, '<font style="background-color: #E7FA6B">''</font>', '<font style="background-color: #E7FA6B">''</font>')
    </pre>
    *-qVAGX_DRUG.MEDICINALPRODUCT* <pre>
    AND agx_drug.medicinalproduct =
    REPLACE (<font style="background-color: #FF3D55">q'*</font>-qVAGX_DRUG.MEDICINALPRODUCT<font style="background-color: #FF3D55">*'</font>, '<font style="background-color: #E7FA6B">''</font>', '<font style="background-color: #E7FA6B">''</font>')
    </pre>
    -qVAGX_DRUG.MEDICINALPRODUCT q'[a]' => a
    q'[a']' => a'
    q'[a'']' => a''
    q'*a*' => a
    q'*a'*' => a'
    q'*a''*' => a''
    A variable also cannot contain a dot (.):
    <pre>VAGX_DRUG<font style="background-color: #FF3D55">.</font>MEDICINALPRODUCT</pre>
    Ex: ABC's or just ABC.
    The query has to support both single quote and without quote in it.
    I wanted everything to be done in the sinlq query on not a PL/SQL Block.
    Please help me ASAPTry this:
    <pre>
    AND agx_drug.medicinalproduct = MY_VARIABLE
    </pre>

  • How to replace double quotes with a single quote in a string ?

    Hi All:
    Can some one tell me how to replace double Quote (") in a string with a single quote (') ? I tried to use REPLACE function, but I couldn;t get it worked.
    My example is SELECT REPLACE('STN. "A"', '"', ''') FROM Dual --This one throws an error
    Thanks,
    Dima.

    Whether it is maybe not the more comfortable way, I like the quoting capabitlity from 10g :
    SQL> SELECT REPLACE('STN. "A"', '"', q'(')') FROM Dual;
    REPLACE(
    STN. 'A'{code}
    Nicoals.                                                                                                                                                                                                                                                                                                                                                                                                                                       

  • Replace a string single quote(') with underscore(_)

    I have more than 100 tables in a schema.
    I have to find out if a string has a single quote in the column and replace it with an underscore.
    I have 2 columns CREATE_USER and UPDATE_USER in all the tables. Now i want to update the values if the string has a single quote in it.
    I tried it with execute immediate but it is not allowing underscore in the statement.
    DECLARE
       v_table_name    VARCHAR2 (30);
       v_column_name   VARCHAR2 (30);
       CURSOR c_name
       IS
          SELECT DISTINCT table_name, column_name
                     FROM user_tab_cols
                    WHERE column_name IN ('LOGIN', 'CREATE_USER', 'UPDATE_USER')
                      AND table_name NOT LIKE '%JN';
    BEGIN
       FOR rec IN c_name
       LOOP
          v_table_name     := rec.table_name;
          v_column_name    := rec.column_name;
          EXECUTE IMMEDIATE    'update '
                            || v_table_name
                            || ' set '
                            || v_column_name
                            || ' = REPLACE('
                            || v_column_name
                            || ','''',"_") where '
                            || v_column_name
                            || ' like "%''%"';
       END LOOP;
    END;
    /i am getting the below error:
    ORA-00904: "%'%": invalid identifier
    ORA-06512: at line 17Can anyone let me know what is the error in the statement and how to overcome it

    please try to replace your execute immediate with:
    EXECUTE IMMEDIATE  'update '
                            || v_table_name
                            || ' set '
                            || v_column_name
                            || ' = REPLACE('
                            || v_column_name
                            || ','''''''',''_'') where '
                            || v_column_name
                            || ' like ''%''''%''';You can check the statement when you take a look at the construction before like this:
    declare
      v_sql varchar2(1000);
    begin
       v_sql:= 'update '
                            || v_table_name
                            || ' set '
                            || v_column_name
                            || ' = REPLACE('
                            || v_column_name
                            || ','''''''',''_'') where '
                            || v_column_name
                            || ' like ''%''''%''';
       dbms_output.put_line(v_sql);
       execute immediate v_sql;
       ...Edited by: hm on 23.11.2010 01:43

  • Replacing " (double quote) with ' (single quote)

    Hi there,
    I have the following method to manipulate user input. All I want to do is, to replace the double quote with a single quote. The implementation I tried was,
    this.replace(desc, "\"", "'");
    This does not work for me. It jsut removes the double quote and does not introduces the single quote. Could any one please advise?
    Thanks,
    Des
    public static String replace(String line, String oldString, String newString) {
              if(line != null && oldString != null && newString != null) {
                   int index = 0;
                   while ((index = line.indexOf(oldString, index)) >= 0) {
                        line = line.substring(0, index) +
                             newString +
                             line.substring(index + oldString.length());
                        index += newString.length();
              return line;
         }

    Bad luck.. I am unable to get it still.
    This is the code I am using (implemetation is in a JSP. I am using this code to test it).
    public class Test{
    public static void main(String args[]){
         String s = args[0];
         Test t = new Test();
         String doubleQuote = "\"";
         System.out.println(" output :"+ t.replace(s,doubleQuote,"'"));
         //System.out.println(" output :"+ t.replace(s,"\"","'"));
         //System.out.println(" output :"+ t.replace('"', '\''));
    public static String replace(String line, String oldString, String newString) {
              if(line != null && oldString != null && newString != null) {
                   int index = 0;
                   while ((index = line.indexOf(oldString, index)) >= 0) {
                             System.out.println(" line count :");
                        line = line.substring(0, index) +
                             newString +
                             line.substring(index + oldString.length());
                        index += newString.length();
              return line;
    }mshn02
    The main problem is I am stuck with the server's version of Java (which I have no control on it). I could not use 1.4.2

  • Identify and replace a single quote in an In Parameter

    Can anyone tell me the syntax for finding and replacing a single quote in a user entered string? Thanks.

    Cav,
    I tried this:
    insert into emp values (9999,''''||'Must', 'ddd',7902, sysdate, 2000, null, 10) ;
    select * from emp;
         EMPNO ENAME      JOB              MGR HIREDATE          SAL       COMM     DEPTNO
          7369 SMITH      CLERK           7902 17-12-1980        800                    20
          7499 ALLEN      SALESMAN        7698 20-02-1981       1600        300         30
          7521 WARD       SALESMAN        7698 22-02-1981       1250        500         30
          7566 JONES      MANAGER         7839 02-04-1981       2975                    20
          7654 MARTIN     SALESMAN        7698 28-09-1981       1250       1400         30
          7698 BLAKE      MANAGER         7839 01-05-1981       2850                    30
          7782 CLARK      MANAGER         7839 09-06-1981       2450                    10
          7788 SCOTT      ANALYST         7566 19-04-1987       3000                    20
          7839 KING       PRESIDENT            17-11-1981       5000                    10
          7844 TURNER     SALESMAN        7698 08-09-1981       1500          0         30
          7876 ADAMS      CLERK           7788 23-05-1987       1100                    20
          7900 JAMES      CLERK           7698 03-12-1981        950                    30
          7902 FORD       ANALYST         7566 03-12-1981       3000                    20
          7934 MILLER     CLERK           7782 23-01-1982       1300                    10
          9999 'Must      ddd             7902 29-08-2005       2000                    10
    select * from emp where ename = ''''||'Must';
         EMPNO ENAME      JOB              MGR HIREDATE          SAL       COMM     DEPTNO
          9999 'Must      ddd             7902 29-08-2005       2000                    10Hope this helps
    Ghulam

  • Firefox is replacing double quotes with single quotes.

    In WordPress and at other sites where I input and save text, Firefox is replacing double quotes with single quotes when I save. It's also showing double quotes as single quotes on websites. I tried uninstalling and reinstalling, and it's still happening.

    Do you have the needed font installed?
    *http://en.wikipedia.org/wiki/Punctuation

  • Can I quote a single quote character so that I can use it in Replace()

    Hi. How can I quote a single quote character so that I can use it in the Replace() function below. I'm attempting to query first_name records that contain a '.
    select first_name, last_name
    from ttms.prospect
    where instr(first_name,"'") > 0
    ERROR at line 3:
    ORA-00904: "'": invalid identifier

    Hi,
    String literals are enclosed in single-quotes (not double-quotes).
    To use a single-quote within a string literal, use two of them:
    WHERE   INSTR (first_name, '''') > 0In Oacle 10 (and up) you can also use Q-Notation:
    WHERE   INSTR (first_name, q'[']') > 0but you may find this more confusing for short literals containing only one single-quote.
    Edited by: Frank Kulash on Mar 11, 2009 4:52 PM

  • Report parameter field value has a single quote. need to escape before pass

    Report has a parameter whose value might have a single quote in it. If I pass that value directly into the SQL Command... like
    where ... user_name = {?parm_user_name}...
    which would translate to
    user_name='O'Donnel Honda'
    I am getting an error... so would like to convert this parameter value into 'O''Donnel Honda' before passing into the query.
    I created a formula called parse_user_name with following:
    Replace ({?parm_user_name}, "'", "''")
    And used in the query like
    where ... user_name = {@parse_user_name}...
    I am getting an error like invalid SQL92 character...

    I think you should use the condition like this
    where ... user_name = '{?parm_user_name}'
    keep the parameter in single quote at the command level itself.
    Now use the same formula like
    replace({?Parameter},"'","''")
    This works only if the parameter is a single value parameter but not multi value parameter.
    Regards,
    Raghavendra

Maybe you are looking for

  • BSD/Darwin Names of Hard Disk Drives

    Hello! A question just out of curiosity: In what order does Mac OS X assign names/numbers to the system's hard disks? I am wondering because I mounted an old 2.5" inch drive (originally from my tangerine iBook) formated as MBR/FAT32 into a G4-533 (di

  • FGI3 Report Painter - Tcode

    Hi All, Does anyone know how to create a tcode for reports created in FGI3? I tried assigning the program name into a tcode but when I am trying to run the new tcode the selection screen is different from the report painter and it does not retrieved

  • Can't load software

    Hello, I already have the IPOD mini and just purchased IPOD 60 GB. The instructions recommended that I install the software that came with the device, but it won't completely install. I am afraid to uninstall itunes and quick time for fear that I wil

  • Text icon

    I have a small blue D icon next to some text messages after the 10.2.1 update. I cannot find any information on what that icon is. I have a screen grab but cannot attach the picture. Solved! Go to Solution.

  • Automate Guest account creation?

    I need to create multiple users for guest wifi (+200) using the Lobby Admin account, is there a way to either create a template, csv file, or any other way to automate this and import it into the WLC as opposed to creating each account individually?