Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » ElevateDB Technical Support » Support Forums » ElevateDB SQL » View Thread |
Messages 1 to 4 of 4 total |
Privileges |
Thu, Feb 14 2008 8:54 PM | Permanent Link |
"Lance Ras" | I have the following code:
MyDModule.ConfigurationQuery.SQL.Clear; MyDModule.ConfigurationQuery.SQL.Text := 'GRANT ALL PRIVILEGES ON DATABASE ' + Engine.QuotedSQLStr(DATABASE_NAME) + ' TO ' + DATABASE_ADMIN_USER; try MyDModule.ConfigurationQuery.ExecSQL; finally MyDModule.ConfigurationQuery.Close; end; The database name is a constant and is a name without spaces. I get an exception that the SQL is expecting the name of the database. If I remove the quotedSQLStr, then it work. I guess the question is... what if this wasn't a constant and the customer created a database with a space? My expectation would be that if I took a safe approach and put double qoutes around it, it would work, regardless. I notice this behaviour as well when creating users. I would expect that I could doubleqoute the user name and password in case the user uses spaces. Lance |
Fri, Feb 15 2008 4:18 AM | Permanent Link |
Roy Lambert NLH Associates Team Elevate | Lance
Quick cut from the manual "QuotedSQLStr method to properly format and escape any embedded single quotes in the string." You need double quotes (I think) Roy Lambert |
Fri, Feb 15 2008 6:08 AM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Lance,
<< If I remove the quotedSQLStr, then it work. >> Roy is correct - QuotedSQLStr only deals with literals enclosed in single-quotes. -- Tim Young Elevate Software www.elevatesoft.com |
Fri, Feb 15 2008 3:54 PM | Permanent Link |
"Lance Ras" | Well don't that beat all..... How about <possiblestringwithspace>
</possiblestringwithspace> XML capability instead.... Thanks Roy / Tim! "Lance Ras" <lance@cdesoftware.com> wrote in message news:D47FA3C6-7A74-4007-B302-CB72461788C1@news.elevatesoft.com... >I have the following code: > > MyDModule.ConfigurationQuery.SQL.Clear; > MyDModule.ConfigurationQuery.SQL.Text := > 'GRANT ALL PRIVILEGES ON DATABASE ' + Engine.QuotedSQLStr(DATABASE_NAME) > + > ' TO ' + DATABASE_ADMIN_USER; > try > MyDModule.ConfigurationQuery.ExecSQL; > finally > MyDModule.ConfigurationQuery.Close; > end; > > The database name is a constant and is a name without spaces. > > I get an exception that the SQL is expecting the name of the database. > > If I remove the quotedSQLStr, then it work. > > I guess the question is... what if this wasn't a constant and the > customer created a database with a space? > > My expectation would be that if I took a safe approach and put double > qoutes around it, it would work, regardless. > > I notice this behaviour as well when creating users. I would expect that > I could doubleqoute the user name and password in case the user uses > spaces. > > Lance |
This web page was last updated on Friday, May 3, 2024 at 08:07 PM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |