Reputation: 11
Special Characters in MySQL Query on C# .Net
One of my names in my data looks like this O'Neil
When I am putting this into my MySQL Query it looks like this 'O'Neil' Unfortunately it reads the ' between the O and causes an error. I Don't want to replace the ', I still want the name to be O'Neil. Can anyone recommend a way to do this?
I'm using C# (.Net).
Thanks.
CM888.
Upvotes: 0
Views: 1004
Answers (3)
Reputation: 2487
You should use parameterized queries.Answers for this post are examples of parameterized queries.Indirectly you are performing sql Injection. parameterized queries avoids sql injection and moreover it is a good practice too.
Upvotes: 3
Reputation: 1503859
Jose is right - you should absolutely use parameterized queries.
This avoids:
- SQL injection attacks
- Invalid SQL due to quotes etc
- Issues with date/time and numeric formats
It's also just a generally good idea to separate code from data.
See Bobby Tables for more.
Upvotes: 3
Reputation: 6088
Use the SQL escape character ''.
'O''Neil'
ref : http://www.orafaq.com/faq/how_does_one_escape_special_characters_when_writing_sql_queries
Upvotes: 2
Related Questions
- C# Mysql UTF8 Encoding
- Escape special characters in MySQL using C# and ASP.Net
- SQL special characters escaping from input
- Mysql query with special characters?
- C# string with special characters to MySQL varchar column
- C# with MySql and Unicode characters
- SQL Query and special chars
- MySQL interpreting special characters in generated query
- Problems displaying/inserting special characters, MySql ASP.NET
- Escaping MySQL characters in .NET