Elevate Software

Login Login

ProductsBulletSalesBulletSupportBulletDownloadsBulletAbout



Home » Technical Support » DBISAM Technical Support » Incident Reports » Incident Reports Addressed for Version 2.05 » View Incident Report

Icon View Incident Report

Serious Serious
Reported By: Rolf Frei
Reported On: 11/5/2000
For: Version 2.04 Build 1
# 647 Embedded Quotes in SQL and Filter Strings Not Being Handled Properly
I use some code witxh produces Selects from user entries. Now I get a problem if the user enters a " or ' in his text. The resulting SQL will than look as this;

Select * From TableXY Where Field1 like '%Title 'das"jsjs'%';

The user entered: Title 'das"jsjs'

Is there a way for DBISAM to transform the user text into a form which is valid in the SQL? At the moment we get an error, as you for sure knowns. In most cases Parmeters can solve this problem, but in my situation the SQL is generated from a 3rd party bibliothek.

Comments Comments
The embedded quotes were being parsed properly, however the extra quote used as an escape character was not being removed in the resultant string literal that was used in the SQL or filter.

Resolution Resolution
Fixed Problem on 11/6/2000 in version 2.05 build 1
More Support Options More Support Options

Option Search Incident Reports
Option Support Forums
Option Frequently Asked Questions
Option Technical Bulletins
Option Technical Articles
Option Product Manuals
Option Roadmap


This web page was last updated on
Tuesday, April 23, 2024 at 08:39 AM

Privacy PolicyBulletSite Map

© 2024 Elevate Software, Inc. All Rights Reserved
Questions or comments ? E-mail E-mail us at info@elevatesoft.com

Image