Home » U++ Library support » U++ SQL » SQL, U++, and Escape Characters[SOLVED]
| SQL, U++, and Escape Characters[SOLVED] [message #3300] |
Thu, 18 May 2006 19:50  |
Justin
Messages: 57
Registered: March 2006
Location: Orange County California
|
Member |
|
|
Hey Guys,
I am writing a database application that is having problems inserting text into the database with special characters such as the single quote charater ' . This is typical and I have experience in PHP with this situation. In PHP, you would need to use a function that would add the escape character '\' before any character that required it so that the database would not have an issue. Is there anyway to have this done in U++ so that I can insert a single quote and other special characters without having to create some validation function?
Jusitn
[Updated on: Thu, 18 May 2006 23:16] Report message to a moderator |
|
|
|
| Re: SQL, U++, and Escape Characters [message #3301 is a reply to message #3300] |
Thu, 18 May 2006 19:58  |
 |
mirek
Messages: 13975
Registered: November 2005
|
Ultimate Member |
|
|
| Justin wrote on Thu, 18 May 2006 13:50 |
Hey Guys,
I am writing a database application that is having problems inserting text into the database with special characters such as the single quote charater ' . This is typical and I have experience in PHP with this situation. In PHP, you would need to use a function that would add the escape character '\' before any character that required it so that the database would not have an issue. Is there anyway to have this done in U++ so that I can insert a single quote and other special characters without having to create some validation function?
Jusitn
|
Well, this is quite RDBMS specific.
In general, using "SetParam" inteface (means, no SqlExp), things should work without escaping, at least for MySql. In Oracle, we are using SqlRaw datatype...
Unfortunately, it seems like SqlExp does not yet account for this problem. My guess is that this should be done inside SqlExp (constructor SqlVal from String), based on current "SQL dialect".
MIrek
|
|
|
|
| Re: SQL, U++, and Escape Characters [message #3302 is a reply to message #3300] |
Thu, 18 May 2006 20:05 |
Justin
Messages: 57
Registered: March 2006
Location: Orange County California
|
Member |
|
|
Interesting, so my best bet is to just create some sort of validating function to automatically change the single quote to have an escape character in front of it?
Also, I have another question:
What is the syntax for the Update function for the SQL dialect. Here is what I use for Insert (Found it in the example),
sql*Insert(DB_NAME)(DB_CUSTNAME, ~supportmodify.edtName);
I am not sure how do to the same, but to update a particular record according to the primary key. I am assuming some sort of
sql*Update(DB_NAME)(DB_CUSTNAME, ~supportmodify.edtName)Where(DB_TICKET, ~supportmodify.lblTicket);
This example does not work however.
Justin
[Updated on: Thu, 18 May 2006 20:07] Report message to a moderator |
|
|
|
| Re: SQL, U++, and Escape Characters [message #3305 is a reply to message #3302] |
Thu, 18 May 2006 23:00 |
|
mirek
Messages: 13975
Registered: November 2005
|
Ultimate Member |
|
|
sql * Update(TABLE)(COLUMN, value).Where(KEY == key_value)
When called within GUI widget, you canot use plain "Update", because Update is one of Ctrl member functions; use "::Update" or "SqlUpdate" instead.
Note also that you can create insert and update in more steps:
SqlSet ins = Insert(TABLE);
ins(COLUMN, val);
ins(COL2, val);
...
That is quite useful when values and names of columns are in some sort of array (or something like that).
As for that raw data / escape problem, the best bet is to use "SetParam" syntax:
SQL.Execute("update MYTAB set RAWCOLUMN = ?", raw_value);
but, unfortunately, it is quite RDBMS specific (at there is little that can be done with it).
Anyway, I am all for altering SqlExp to perform escaping of string data. The only trouble is that we should not make SqlExp depend on specific RDBMS libraries; means we should make that escaping code ourselves.
Mirek
[Updated on: Thu, 18 May 2006 23:01] Report message to a moderator |
|
|
|
| Re: SQL, U++, and Escape Characters [message #3306 is a reply to message #3305] |
Thu, 18 May 2006 23:16 |
Justin
Messages: 57
Registered: March 2006
Location: Orange County California
|
Member |
|
|
Thank you very much. You are always very helpful. I would love to eventually give back to the UPP community since it has done so much for me.
Justin
|
|
|
|
Goto Forum:
Current Time: Thu Apr 18 22:06:15 CEST 2024
Total time taken to generate the page: 0.02013 seconds
|
Members
Pages
Help
Register
Login
Home
