Forums before death by AOL, social media and spammers... "We can't have nice things"
| comp.databases.ms-sqlserver | Notorious Rube Goldberg contraption | 19,505 messages |
[ << oldest | < older | list | newer > | newest >> ]
| Message 18,722 of 19,505 |
| Erland Sommarskog to Gene Wirchenko |
| Re: Escape Characters in Strings |
| 22 Aug 12 21:14:55 |
XPost: microsoft.public.sqlserver.programming From: esquel@sommarskog.se Gene Wirchenko (genew@ocis.net) writes: > My question was really whether there are any other escape > characters? Are there? No. > No. I will be passing parameters, but I need to be sure that > they are properly delimited and escaped. For example, if I do not > escape quotes, it may allow trouble. As long as you don't build SQL strings from input data, there is no trouble. No need to delimit, no need to escape. Again from a strict SQL perspective. There may be business rules requiring you to deal with certain characters. But given that the apostrophe is an essential character in English ortography, I don't think that the single quote is one these characters. -- Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se Links for SQL Server Books Online: SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx --- SoupGate-Win32 v1.05 * Origin: you cannot sedate... all the things you hate (1:229/2) |
(c) 1994, bbs@darkrealms.ca