Mailing List Archive: SQL search problem

SQL search problem

Jan 4, 2001, 6:22 AM

Post #1 of 3 (613 views)

Hi,
Somebody can tell, whether I can use
a _'_ character inside the SQL-request?

If i said :

[.query ml=10 more=1 list=1
query="
select sku, title, price, authors, pubdate, category
from products
where authors = '[value f_value]'"
]

and inside the [value f_value] meets _'_ character,
browser show "Internal Server Error" (500), because
line of SQL-request terminated on a _'_ -character!

Please, help!

SQL search problem [ In reply to ]

msquared at digitalwizards

Jan 4, 2001, 7:37 PM

Post #2 of 3 (622 views)

Permalink

On Thu, Jan 04, 2001 at 04:22:32PM +0300, Sergey Sheykin wrote:

> [.query ml=10 more=1 list=1
> query="
> select sku, title, price, authors, pubdate, category
> from products
> where authors = '[value f_value]'"
> ]
>
> and inside the [value f_value] meets _'_ character,
> browser show "Internal Server Error" (500), because
> line of SQL-request terminated on a _'_ -character!

Most dialects of SQL required you to place two _'_ characters together to
quote as one _'_ character. For example:

query="
select sku, title, price, authors, pubdate, category
from products
where authors = 'that''s the right way to enter an apostrophe'"

This would select products where authors is:

that's the right way to enter an apostrophe

Now, how you go about making Interchange deal with this, I don't know.
Anyone else?

2
Regards, /|/|
/ | (MSquared)
--
___________________________________________
M Squared <msquared@digitalwizards.com.au>
Code monkey (programmer)
Digital Wizards
http://www.digitalwizards.com.au

SQL search problem [ In reply to ]

sheich at mosinfo

Jan 9, 2001, 6:27 AM

Post #3 of 3 (611 views)

Permalink

Dear Msquared,

how can i trace, in what place Interchange treats variables,
transferred by me from the form?

I test /interchange/lib/vend/table/dbi.pm
and can't do this.

In dbi.pm i can only treat a $query variable (bodily),
and can't change a value for search .

> -----Original Message-----
> From: interchange-users-admin@lists.akopia.com
> [mailto:interchange-users-admin@lists.akopia.com]On Behalf Of msquared
> Sent: Friday, January 05, 2001 5:37 AM
> To: interchange-users@lists.akopia.com
> Subject: Re: [ic] SQL search problem
>
>
> On Thu, Jan 04, 2001 at 04:22:32PM +0300, Sergey Sheykin wrote:
>
> > [.query ml=10 more=1 list=1
> > query="
> > select sku, title, price, authors, pubdate, category
> > from products
> > where authors = '[value f_value]'"
> > ]
> >
> > and inside the [value f_value] meets _'_ character,
> > browser show "Internal Server Error" (500), because
> > line of SQL-request terminated on a _'_ -character!
>
> Most dialects of SQL required you to place two _'_ characters together to
> quote as one _'_ character. For example:
>
> query="
> select sku, title, price, authors, pubdate, category
> from products
> where authors = 'that''s the right way to enter an apostrophe'"
>
> This would select products where authors is:
>
> that's the right way to enter an apostrophe
>
>
> Now, how you go about making Interchange deal with this, I don't know.
> Anyone else?
>
> 2
> Regards, /|/|
> / | (MSquared)
> --
> ___________________________________________
> M Squared <msquared@digitalwizards.com.au>
> Code monkey (programmer)
> Digital Wizards
> http://www.digitalwizards.com.au
>
> _______________________________________________
> Interchange-users mailing list
> Interchange-users@lists.akopia.com
> http://lists.akopia.com/mailman/listinfo/interchange-users