Icon View Incident Report

Serious Serious
Reported By: Rolf Frei
Reported On: 11/5/2000
For: Version 2.04 Build 1
# 647 Embedded Quotes in SQL and Filter Strings Not Being Handled Properly

I use some code witxh produces Selects from user entries. Now I get a problem if the user enters a " or ' in his text. The resulting SQL will than look as this;

Select * From TableXY Where Field1 like '%Title 'das"jsjs'%';

The user entered: Title 'das"jsjs'

Is there a way for DBISAM to transform the user text into a form which is valid in the SQL? At the moment we get an error, as you for sure knowns. In most cases Parmeters can solve this problem, but in my situation the SQL is generated from a 3rd party bibliothek.

Comments Comments
The embedded quotes were being parsed properly, however the extra quote used as an escape character was not being removed in the resultant string literal that was used in the SQL or filter.

Resolution Resolution
Fixed Problem on 11/6/2000 in version 2.05 build 1