Reputation: 32276
escape single quotes
I have a table like this...
select * from myescape;
+-----------+
| name |
+-----------+
| shantanu' |
| kumar's |
+-----------+
2 rows in set (0.00 sec)
I need to replace the single quote ' with \'
I will also need to escape double quotes and backslash.
Upvotes: 8
Views: 22989
Answers (4)
Reputation: 4797
Try this:
SELECT REPLACE( REPLACE( name , "'", "\\'" ) , '"', '\\"' )
FROM myescape
Upvotes: 2
Reputation: 538
Try this;
UPDATE myescape SET name = REPLACE(name, "'", "\\'");
You may want to think precisely about why you might want to do this (as Tomalak has said). Even in a stored procedure these fields should be strings, not commands.
Upvotes: 9
Reputation: 536715
The point of prepared statements is that you don't have to include content in them. Use a PREPARE query with ? placeholders and then EXECUTE ... USING to pass the values in without having to escape them.
Don't try to do escaping yourself, because you're likely to make mistakes. Depending on what encoding you're using, there can be more to it than just backslash-escaping quotes, backslash and null.
Upvotes: 19
Reputation: 14873
You can use char function.
mysql> SELECT QUOTE('Don\'t!');
-> 'Don\'t!'
mysql> SELECT QUOTE(NULL);
Helpful link
- http://it.toolbox.com/wiki/index.php/How_do_I_escape_single_quotes_in_SQL_queries%3F
- http://www.webproworld.com/webmaster-forum/threads/61969-single-quote-in-mysql-record
Upvotes: 2
Related Questions
- How to escape apostrophe (a single quote) in MySql?
- How to escape single quotes in MySQL?
- escape from single quotes data in mysql query
- mysql escaping single and double quotes
- How to escape single & double quotes in MySQL select?
- MySql ENCLOSED BY double quote
- Escaping correctly QUOTE characters in SQL query
- How to escape quotes in this case?
- MySQL Escaping issues
- MySQL Escape double quotes in query result