Single quotes to be stored

I buliding a where clause.....
something like
' where werks = '1001' '.
here its not allowing me to pass the quotation mark..
i know that there is some method to do this..... can any body help

its still going to dump.
Error: A comparison value is missing from the dynamic WHERE condition.
it_where-where =
'mandt = sy-mandt and paramid = "ZPP_LINE_STP" and param1 = "RESP CD"'.
APPEND it_where.
SELECT param2 paramdesn INTO TABLE it_desc FROM zpp03parameter
CLIENT SPECIFIED WHERE (p_where).
IF sy-subrc = 0.
SORT it_desc ASCENDING BY param2.
ENDIF.

Similar Messages

Adding Single quote in dymanic stored procedure

Hi Everyone,
i am using a stored procedure which prints triggers which is called as dynamic trigger script.
here i am storing required table name values into M_ALL_DYNAMIC_DRIVER_TEMP
for ex table: M_ALL_DYNAMIC_DRIVER_TEMP:
TABLE_NAME DATA_UID_ALT1_PREFIX IU_TRG_FLAG
BA_ORG                ALT                                     Y
stored procedure is :
create or replace
PROCEDURE SP_TRIGGER_SCRIPT_temp
AS
SQLSTR VARCHAR(4000);
SQLSTR_ETL VARCHAR(4000);
SQLSTR1 varchar(40);
SQLSTR2 varchar(40);
SQLSTR3 varchar(40);
SQLSTR4 varchar(40);
TABLE_NAME varchar(40);
PK_TABLE varchar(40);
begin
for c in (select TABLE_NAME,DATA_UID_ALT1_PREFIX from M_ALL_DYNAMIC_DRIVER_TEMP where IU_TRG_FLAG = 'Y'   and DATA_UID_ALT1_PREFIX is not null )
loop
        SQLSTR1:= c.TABLE_NAME;
        SQLSTR2:= TRIM(SQLSTR1)||'_ID';
        DBMS_OUTPUT.PUT_LINE('-------------------------------------- START TABLE_NAME:'||SQLSTR1 ||', DATA_UID_GEN_METHOD:ALT1 ,SHORT_TRG_BASENAME:NULL -------------------------------------------------------------');
      SQLSTR:= 'create or replace
TRIGGER "'||TRIM(SQLSTR1)||'_IU_TRG" BEFORE INSERT ON '||SQLSTR1||' FOR EACH ROW
BEGIN
If inserting then
   if :new.ROW_CHANGED_BY is NULL then
       :new.ROW_CHANGED_BY := :new.ROW_CREATED_BY;
   end if;
   if :new.DATA_UID is NULL then
       SELECT GENERATE_DATA_UID('||SQLSTR1||',:new.'||SQLSTR2||') INTO :new.DATA_UID FROM DUAL;
   end if;
end if;
If updating then
if not updating(''ROW_CHANGED_BY'') then
     :new.ROW_CHANGED_BY := USER;
end if;
end if;
END';
DBMS_OUTPUT.PUT_LINE(SQLSTR);
DBMS_OUTPUT.PUT_LINE(SQLSTR_ETL);
DBMS_OUTPUT.PUT_LINE('--------------------------------------END OF '||SQLSTR1 ||'-------------------------------------------------------------');
end loop;
end;
when i execute stored procedure out put :
-------------------------------------- START TABLE_NAME:BA_ORG, DATA_UID_GEN_METHOD:ALT1 ,SHORT_TRG_BASENAME:NULL -------------------------------------------------------------
create or replace
TRIGGER "BA_ORG_IU_TRG" BEFORE INSERT ON BA_ORG FOR EACH ROW
BEGIN
If inserting then
   if :new.ROW_CHANGED_BY is NULL then
       :new.ROW_CHANGED_BY := :new.ROW_CREATED_BY;
   end if;
   if :new.DATA_UID is NULL then
       SELECT GENERATE_DATA_UID(BA_ORG,:new.BA_ORG_ID) INTO :new.DATA_UID FROM DUAL;
   end if;
end if;
end if;
END
--------------------------------------END OF BA_ORG-------------------------------------------------------------
i want :
statement :        SELECT GENERATE_DATA_UID(BA_ORG,:new.BA_ORG_ID) INTO :new.DATA_UID FROM DUAL;
to be :       SELECT GENERATE_DATA_UID('BA_ORG',:new.BA_ORG_ID) INTO :new.DATA_UID FROM DUAL;
ie., function GENERATE_DATA_UID('BA_ORG',:new.BA_ORG_ID) first parameter i want Single quote
please help on this

SELECT GENERATE_DATA_UID(''' || SQLSTR1 || ''',:new.' ||
Ramin Hashimzade

Adding SIngle quotes around a Colmn Name stored in a DB Field

I know the SQL I need to execute ( It yeilds 500 rows )
select p.DS_ID
from dbo.v_ds p
inner join dbo.Rpt r
on p.DS_ID = r.PKVal
and r.ColumnNm = 'DS_ID'
BUT the value of r.Column in stored in a table and building it using dynamic SQL , the closest i get is
select p.DS_ID
from dbo.v_ds p
inner join dbo.Rpt r
on p.DS_ID = r.PKVal
and r.ColumnNm = DS_ID
Note that ther single quotes needed are missing and so I get NO rows. I've tried using the ''' + @field + ''' and cannor get it to work.
Any ideas?

Not sure of your try. May be you would have missed the single quote before and after as you said your closest ry result looks like below:
and r.ColumnNm = DS_ID --Without single quotes.

How can I will declare the symbol u2018 (Single Quote) in the report

Hi ,
Could you please tell me how can I will declare the symbol u2018 (Single Quote) in the report.
My requirement is that I have concate the data with single quote and after that I have to store the data in to an internal table and I have to download the data in the form text file in the presentation server.
For example :
Let the below data I want to download into the presentation serve in the format of text file by storing in internal table.
Assume all are constants:
1st line : abcu2019add
2nd line : defu2019gef
Thanks in advance.

Hi Jyothi,
Thanks for the quick reply .
I can agree with you are point but My requirement is like this I am explaining clearly.
I have declared the internal table like this.
DATA: BEGIN OF OTAB OCCURS 0,
LINE (9024),
END OF OTAB.
So I have to append the each line item into the internal table.
So I am explaining what the data I have to append
Ist line contains
'UNBUNOC:2020308u2019 where 020308 I will get the date from reguh table
2nd line contains:
'DTM+20020510' where the 20020510 will be reference document number from the table reguh.
So I want to declare a constant 'UNBUNOC:2
2nd the date from reguh table
And another constant u2018
So that I can concate all the three and I can put into string and I will append into internal table and I can download the data into the presentation server.
Please let me know if you need any more clarification regarding my requirement.
Thanks in advance.

Can we have a Single quote in the tooltip text?

Hi,
We have some tooltips for the presentation columns which contains a single quote.
When I try to view the tooltip from answers the single quote is being replaced by double quotes.
I tried to use all sorts of escape characters for single quote, like "\'" and ''' and "'" but that didn't work.
Is there any way to do this.
Thanks!!
Vasantha.P

As I said in my earlier post, I am looking for the tooltips for the Presentation tables and columns. The tooltips for these were extracted from the RPD using the externalize Strings option and these externalized strings are stored in the database.
So I am escaping the single using a single quote both in rpd and in the database.
Example text I have used both in the rpd and database is something like "Shipment's start time". I tried with "Shipment''s start time", " Shipment'''s start time", but it didn't work.
Thanks!!
Vasantha.P

Adding a single quote in the flash chart legend

Hi all,
I am using a following code to create a line chart.
SELECT null link
,TO_CHAR(monat, 'MON-YY')
,ROUND(No_of_hits/1000) "No of Clicks(''000)"
FROM
SELECT DISTINCT TRUNC(ref_month,'MONTH') monat
,SUM(no_of_hits) OVER (ORDER BY TRUNC(ref_month,'MONTH') RANGE BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) No_of_hits
FROM goodnews_hits
WHERE ref_month BETWEEN :p77_DATE_startline
AND :p77_DATE_endline
ORDER BY monat;
I get the following legend in the top region of the chart
No Of Stories
No of Clicks(''000)
I need the No of Clicks to be displayed as
No of Clicks('000)
i.e.
Only one single quote before 000
Could you please tell me , how this can be achieved?
Thanks,
Archana

As I said in my earlier post, I am looking for the tooltips for the Presentation tables and columns. The tooltips for these were extracted from the RPD using the externalize Strings option and these externalized strings are stored in the database.
So I am escaping the single using a single quote both in rpd and in the database.
Example text I have used both in the rpd and database is something like "Shipment's start time". I tried with "Shipment''s start time", " Shipment'''s start time", but it didn't work.
Thanks!!
Vasantha.P

Embedded Single Quote in SQL Column truncates Java String

I have a jsp web page that queries a database to see what day a user is registered for and then produces an URL for the user to click on. My problem is that the URL being processed stops when an embedded single quote is encountered.
Here is the database side:
Database side:
Create Table registration
(reg_id int not null,
name varchar2(45) not null,
day_nb int not null);
Insert into registration
(reg_id, name, day_nb)
values (1043,'Johnny''s Diner', 1);
Select name, day_nb from registration
where reg_id = 1043;
name, day_nb
Johnny's Diner 1
Snippet of relevant java code: (JSP page)
<%
int day_nb = rs.getInt("day_nb");
String particpant_name = rs.getString("name");
System.out.println("registration.jsp: particpant_name = " + particpant_name);
%>
<td width="84%">
     <a
     href='<%=response.encodeURL("registrationHandler.jsp?"particpant_name="+ particpant_name + "&day_nb="+ day_nb)%>'><%=particpant_name%>
                              </a>
                         </td>
{code}
The following is printed to System.Out:
registration.jsp: particpant_name = Johnny's Diner
The code produces the following URL
http://www.mycompany.com/registrationHandler.jsp?particpant_name=Johnny
The response.encodeURL is stopping on the single quote contained in "Johnny's Diner"
The URL I want is:
http://www.mycompany.com/registrationHandler.jsp?particpant_name=Johnny's Diner&day_nb=1
How do I account for the embedded single quote so the code works properly? Thanks In Advance!

You really need to read up on [SQL Injection|http://en.wikipedia.org/wiki/SQL_injection] and [XSS/Cross-Site Scripting|http://de.wikipedia.org/wiki/Cross-Site_Scripting]. Both present massive security problems and your code seems prone to easily producing both.
For SQL Injection attacks the correct solution is to always use PreparedStatements with only hard-coded String (i.e. never use String concatenation to build SQL statements).
For XSS attacks the solution is a bit harder, but basically you need to learn never to trust user input (that includes user input that you've previously stored in the database!) and always escape what the user sent when you print it back out.

SQL Injection, replace single quote with two single quotes?

Is replacing a single quote with two single quotes adequate
for eliminating
SQL injection attacks? This article (
http://www.devguru.com/features/kb/kb100206.asp
) offers that advice, and it
enabled me to allow users to search name fields in the
database that contain
single quotes.
I was advised to use "Paramaterized SQL" in an earlier post,
but I can't
understand the concept behind that method, and whether it
applies to
queries, writes, or both.

Then you can use both stored procedures and prepared
statements.
Both provide better protection than simply replacing
apostrophes.
Prepared statements are simple:
Set myCommand = Server.CreateObject("ADODB.Command")
...snip...
myCommand.CommandText = "INSERT INTO Users([Name], [Email])
VALUES (?, ?)"
...snip...
myCommand.Parameters.Append
myCommand.CreateParameter("@Name",200,1,50,Name)
myCommand.Parameters.Append
myCommand.CreateParameter("@Email",200,1,50,Email)
myCommand.Execute ,,128 'the ,,128 sets execution flags that
tell ADO not to
look for rows to be returned. This saves the expense of
creating a
recordset object you don't need.
Stored procedures are executed in a similar manner. DW can
help you with a
stored procedure through the "Command (Stored Procedure)"
server behavior.
You can see a full example of a prepared statement by looking
at DW's
recordset code after you've created a recordset using version
8.02.
"Mike Z" <[email protected]> wrote in message
news:eo5idq$3qr$[email protected]..
>I should have repeated this, I am using VBScript in ASP,
with an Access DB.
>

Copying a table with the right-click menu in schema browser fails to copy comments when string has single quote(s) (ascii chr(39))

Hi,
I'm running 32-bit version of SQL Developer v. 3.2.20.09 build 09.87, and I used the built in context menu (right-clicking from the schema browser) today to copy a table. However, none of the comments copied. When I dug into the PL/SQL that the menu-item is using, I realized that it fails because it doesn't handle single quotes within the comment string.
For example, I have a table named WE_ENROLL_SNAPSHOT that I wanted to copy as WE_ENROLL_SNAPSHOT_V1 (within same schema name)
1. I right-clicked on the object in the schema browser and selected Table > Copy...
2. In the pop-up Copy window, I entered the new table name "WE_ENROLL_SNAPSHOT_V1" and ticked the box for "Include Data" option. -- The PL/SQL that the menu-command is using is in the "SQL" tab of this window. This is what I extracted later for testing the issue after the comments did not copy.
Result: Table and data copied as-expected, but no column or table comments existed.
I examined the PL/SQL block that the pop-up window issued, and saw this:
declare
l_sql varchar2(32767);
c_tab_comment varchar2(32767);
procedure run(p_sql varchar2) as
begin
     execute immediate p_sql;
end;
begin
run('create table "BI_ETL".WE_ENROLL_SNAPSHOT_V1 as select * from "BI_ETL"."WE_ENROLL_SNAPSHOT" where '||11||' = 11');
select comments into c_tab_comment from sys.all_TAB_comments where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT' and comments is not null;
run('comment on table BI_ETL.WE_ENROLL_SNAPSHOT_V1 is '||''''||c_tab_comment||'''');
for tc in (select column_name from sys.all_tab_cols where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT')
    loop
   for c in (select comments from sys.all_col_comments where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT' and column_name=tc.column_name)
   loop
   run ('comment on column BI_ETL.WE_ENROLL_SNAPSHOT_V1.'||tc.column_name||' is '||''''||c.comments||'''');
end loop;
end loop;
EXCEPTION
WHEN OTHERS THEN NULL;
end;
The string of the table comment on WE_ENROLL_SNAPSHOT is this:
WBIG table of frozen, point-in-time snapshots of Enrolled Students by Category/term/pidm. "Category" is historically, and commonly, our CENSUS snapshot; but, can also describe other frequencies, or categorizations, such as: End-of-Term (EOT), etc. Note: Prior to this table existing, Census-snapshots were stored in SATURN.SNAPREG_ALL. All FALL and SPRING term records prior-to-and-including Spring 2013 ('201230') have been migrated into this table -- EXCEPT a few select prior to Fall 2004 (200410) records where there are duplicates on term/pidm. NO Summer snapshots existed in SNAPREG_ALL, but were queried and stored retroactively (including terms prior to Spring 2013) for the purpose of future on-going year-over-year analysis and comparison.
Note the single quotes in the comment: ... ('201230')
So, in the above PL/SQL line 11 grabs this string into "c_tab_comment", but then line 12 fails because of the single quotes. It doesn't know how to end the string because the single quotes in the string are not "escaped", and this messes up the concatenation on line 12. (So, then no other column comments are created either because the block throws an error, and goes to line 22 for the exception and exits.)
When I modify the above PL/SQL as my own anonymous block like this, it is successful:
declare
c_tab_comment VARCHAR2(32767);
begin
SELECT REPLACE(comments,chr(39),chr(39)||chr(39)) INTO c_tab_comment FROM sys.all_TAB_comments WHERE owner = 'BI_ETL'   AND table_name = 'WE_ENROLL_SNAPSHOT' AND comments IS NOT NULL;
EXECUTE IMMEDIATE 'comment on table BI_ETL.WE_ENROLL_SNAPSHOT_V1 is '''||c_tab_comment||'''';
for tc in (select column_name from sys.all_tab_cols where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT')
    loop
   for c in (select REPLACE(comments,chr(39),chr(39)||chr(39)) comments from sys.all_col_comments where owner = 'BI_ETL' and table_name = 'WE_ENROLL_SNAPSHOT' and column_name=tc.column_name)
   loop
   EXECUTE IMMEDIATE 'comment on column BI_ETL.WE_ENROLL_SNAPSHOT_V1.'||tc.column_name||' is '||''''||c.comments||'''';
end loop;
end loop;
EXCEPTION
WHEN OTHERS THEN NULL;
end;
On lines 4 and 8 I wrapped the "comments" from sys.all_tab_comments and sys.all_col_comments with a replace command finding every chr(39) and replacing with chr(39)||chr(39). (On line 8 I also had to alias the wrapped column as "comments" so line 10 would succeed.)
Is this an issue with SQL Developer? Is there any chance that the menu-items can handle single quotes in comment strings? ... And, of course this makes me wonder which other context menu commands in the tool might have a similar issue.
Thoughts?
thanks//jacob

PaigeT wrote:
I know about quick drop, but it isn't helpful here. I want to be able to right click on a string or array wire, navigate to the string or array palette, and select the corresponding "Empty?" comparator. In this case, since I do actually know where those functions live, and I'm already using my mouse to right click on the wire, typing ctrl-space to open quick drop and then typing in the function name is actually more work than navigating to it in the palette. It would just be nice to have it on hand in the location I naturally go to look for it the first time.
I don't agree with this work flow. Right hand on mouse, left hand on home keys. Pressing CTRL + Space is done with the left hands, and then you could assign "ea" to "Empty Array" both of which is accessible with the left hand. Darren posted a bunch of great shortcuts for the right handed developer.
https://decibel.ni.com/content/docs/DOC-20453
This is much faster than waiting for any right click menu navigation, even if it is found in the suggested subpalette.
Unofficial Forum Rules and Guidelines - Hooovahh - LabVIEW Overlord
If 10 out of 10 experts in any field say something is bad, you should probably take their opinion seriously.

3 videos' names are enclosed in single quotes which I can't get rid of

These videos weren't from iTunes. Two came from AOL video, and I'm not sure where I got the third one. This is what I mean: http://matt.kinabrew.com/images/png/itunesannoyingsinglequotes.png
Can anyone tell me how to get rid of the single quotes?
I've tried three things:
First, I tried removing the quotes from within iTunes. But playing any file put them right back.
Next, I tried removing the quotes from within iTunes, quitting iTunes, and renaming the files, but when I would play a file, the quotes would come back.
Then, I tried quitting iTunes, editing the quotes out of the "iTunes Music Library.xml" file, deleting the "iTunes Library" file, renaming the files in the Finder and re-importing the edited "iTunes Music Library.xml" file into iTunes. Again, playing any song put the quotes right around that file's name.
I thought this was just an issue with a single (corrupt) file until tonight, when I added two more videos to iTunes and saw the quotes around those, too. Now I think none of the files are corrupt and that it's a bug with iTunes.
This happens on both a Power Mac G5 and a MacBook Pro, both with all available updates installed.
Mac OS X (10.4.8) MacBook Pro, Power Mac G5

sjonesmcd wrote:
I have solved the problem by going in, tapping the cloud symbol to download them, and then deleting them. They were being stored on my device with the cloud symbol as I have been gaining storage space by doing this. it is taking forever, but it is finally getting rid of them. Weird little glitch.
Not a glitch. That is the way this works. Once you tap that cloud symbol to start downloading a movie, it sort of remains in limbo until you totally download it and then you can delete it as you found out.
Why it works this way is beyond me, but that's how it works on my iPad and that is exactly how it wrks on any iPad - at least as far as I know. I have seen many users describe this very same behavior that you did and once their videos were completely downloaded, they could then be deleted.

How to pass presentation variable with enclosing single quotes

HI All,
As all of you know in 11g, Presentation variable can hold more than one value.So we can pass multiple values to the report through presentation variable.
If we select x,y,z values from prompt drop down,then those values will be stored like x,y,z in the presentation variable.
but I would like to store these values with enclosing single quotes like 'x,y,z'
The reason is I need to pass this variable value as input to BI Publisher sql dataset query where clause.
Please share your Ideas.
Thanks,
Aravind

Aravind,
Check this
Predefined Presentation Variables in OBIEE 11G | Praveen&#039;s Blog

How to handle XML string with Single Quotes as a parameter to SP dynamically?

Hi,
I would like to know if there is a way to handle the Single Quotes in XML value when it is passed to Stored Procedure?
I should be able to handle it without adding another Single Quote to it.
Thanks,
Chandra Shekar

Hi Chandra,
Your requirement is not precise. Based on my understanding and guessing, are you metioning something like the below sample?
/*If the xml is generated you have no need to escape the singe quote(')*/
DECLARE @xmlTbl TABLE (ID INT,name VARCHAR(99));
INSERT INTO @xmlTbl VALUES(1,'Eric''s')
INSERT INTO @xmlTbl VALUES(2,'Zhang''s')
DECLARE @xmlDoc1 XML
SELECT @xmlDoc1
FROM @xmlTbl FOR XML PATH('PERSON'),ROOT('PERSONS')
EXEC yourProcedure @xmlDoc1
/*If your copy and paste the xml, you have to escape the single quote(') with 2s('')*/
DECLARE @xmlDoc2 XML
SET @xmlDoc2 = '<PERSONS>
<PERSON>
<ID>1</ID>
<name>Eric''s</name>
</PERSON>
<PERSON>
<ID>2</ID>
<name>Zhang''s</name>
</PERSON>
</PERSONS>'
EXEC yourProcedure @xmlDoc2
If that is not regarding your requirement, please elaborate with more details.
Eric Zhang
TechNet Community Support

SSAS SSRS Report Action on Cell Value w/ Embedded Single Quote Not Executing

I have configured an SSAS 2008 R2 cube SSRS ReportAction. I'm having problems when the member value for a cell has an embedded single quote, e.g. abc's. The action displays on the context menu appropriately, but when I click on the action, nothing happens.
For member values that do not have the single quote, the action works as designed. I've added a calculated ember to escape the embedded single quote by adding another single quote, e.g. abc''s, with no luck. Is there a resolution or workaround for this?

Hi Mdccuber,
According to your description, you create a reporting action in you cube, and it works fine except the members that have embedded single quote, right? In your scenario, it seems that you pass this value to the report as the parameter.
In SQL Server Analysis Services (SSAS), when pass values to a report, multi-select parameters have to be placed into IN statement and SQL Server Reporting Services (SSRS) will do single-quote wrapping for string values automatically. In this case, the original
value that have embedded single quote will be damaged. So this action not work. You can submit a feedback at
http://connect.microsoft.com/SQLServer/Feedback and hope it is resolved in the next release of service pack or product.
Regards,
Charlie Liao
TechNet Community Support

SSRS Report Returning Double Quote string from a Single Quote String

Hi, I'm getting weird thing in resultset from SSRS report when executed. When I pass parameter to a report, which passes String that has single quote value to a split function , it returns rows with double quote.
For example following string:
'N gage, Wash 'n Curl,Murray's, Don't-B-Bald
Returns:
''N gage, Wash ''n Curl,Murray''s, Don''t-B-Bald
through SSRS report.
Here is the split function Im using in a report.
CREATE Function [dbo].[fnSplit] (
@List varchar(8000),
@Delimiter char(1)
Returns @Temp1 Table (
ItemId int Identity(1, 1) NOT NULL PRIMARY KEY ,
Item varchar(8000) NULL
As
Begin
Declare @item varchar(4000),
@iPos int
Set @Delimiter = ISNULL(@Delimiter, ';' )
Set @List = RTrim(LTrim(@List))
-- check for final delimiter
If Right( @List, 1 ) <> @Delimiter -- append final delimiter
Select @List = @List + @Delimiter -- get position of first element
Select @iPos = Charindex( @Delimiter, @List, 1 )
While @iPos > 0
Begin
-- get item
Select @item = LTrim( RTrim( Substring( @List, 1, @iPos -1 ) ) )
If @@ERROR <> 0 Break -- remove item form list
Select @List = Substring( @List, @iPos + 1, Len(@List) - @iPos + 1 )
If @@ERROR <> 0 Break -- insert item
Insert @Temp1 Values( @item ) If @@ERROR <> 0 Break
-- get position pf next item
Select @iPos = Charindex( @Delimiter, @List, 1 )
If @@ERROR <> 0 Break
End
Return
End
FYI: I'm getting @List value from a table and passing it as a string to split function.
Any help would be appreciated!
ZK

Another user from TSQL forum posted this code which is returning the same resultset but when I execute both codes in SQL server it works and return single quote as expected.
https://social.msdn.microsoft.com/Forums/sqlserver/en-US/8d5c96f5-c498-4f43-b2fb-284b0e83b205/passing-string-which-has-single-quote-rowvalue-to-a-function-returns-double-quoate?forum=transactsql
CREATE FUNCTION dbo.splitter(@string VARCHAR(MAX), @delim CHAR(1))
RETURNS @result TABLE (id INT IDENTITY, value VARCHAR(MAX))
AS
BEGIN
WHILE CHARINDEX(@delim,@string) > 0
BEGIN
INSERT INTO @result (value) VALUES (LEFT(@string,CHARINDEX(@delim,@string)-1))
SET @string = RIGHT(@string,LEN(@string)-CHARINDEX(@delim,@string))
END
INSERT INTO @result (value) VALUES (@string)
RETURN
END
GO
ZK

Report parameter field value has a single quote. need to escape before pass

Report has a parameter whose value might have a single quote in it. If I pass that value directly into the SQL Command... like
where ... user_name = {?parm_user_name}...
which would translate to
user_name='O'Donnel Honda'
I am getting an error... so would like to convert this parameter value into 'O''Donnel Honda' before passing into the query.
I created a formula called parse_user_name with following:
Replace ({?parm_user_name}, "'", "''")
And used in the query like
where ... user_name = {@parse_user_name}...
I am getting an error like invalid SQL92 character...

I think you should use the condition like this
where ... user_name = '{?parm_user_name}'
keep the parameter in single quote at the command level itself.
Now use the same formula like
replace({?Parameter},"'","''")
This works only if the parameter is a single value parameter but not multi value parameter.
Regards,
Raghavendra

Single quotes to be stored

Similar Messages

Maybe you are looking for