INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

using ' or % in update

using ' or % in update

(OP)

hi ,
i want to update blow code. how can i update when there is ' or % or ---- in varchar column.
ÖNCE KUMAŞLAR YIKANARAK GÖNDERİLDİ,İSTANBUL'DA ETEK DİKİLDİ TEKRAR GELİP YIKANDI----


update model_num_det_yikama set kms_kodu=null ,lotbolge='Merkez Kesim'
,def='ÖNCE KUMAŞLAR YIKANARAK GÖNDERİLDİ,İSTANBUL'DA ETEK DİKİLDİ TEKRAR GELİP YIKANDI----'
,kms_karisim='11.5OZ 3/1Z %98CO%2EA' ,uretimyeri='KÜLEK KONFEKSİYON ÇETİN KÜLEK' ,receteno=null ,yikamareceteno=null ,yikamarecetedef='DA'
,cus_code=null ,isemriqty='1541' ,kazanqty=null ,kgqty=null ,kazanmaxqty=99 where model_num=2908

RE: using ' or % in update

Turn any ' into double ''
Turn any % into [%]

Or parameterize your queries.

Bye, Olaf.

RE: using ' or % in update

(OP)
hi thank you for replay.
i know it it is also possible to use replace function in my VB code before using sql

but i want to use a way to update a table like store procedure wout using store procedure. because sp doesnt need to convert data
which use ' or %.


RE: using ' or % in update

Well, as I said, parameterizing your queries you don't need to escape such characters, but when you create dynamic sql no matter if on the VB side or within stored procs, you have to escape such characters in string literals. By the way % is only needing escaping within a LIKE clause meant to find literally %, but otherwise needs no escaping. Also ' only needs to be escaped when you write queries with literal strings.

If your code is SELECT * FROM dbo.sometable WHERE somecolumn = @someparameter, the string value passed in as @someparameter does not need single quotes escaped.

Escaping is merely a problem of code containing literal strings, because they must be delimited with (enclosed by) single quotes. Every single quote inside the string needs to be escaped to tell that this is not meant as the end of string delimiter, but as literal single quote, which is part of the string. The necessety is not that hard to understand, is it?

Bye, Olaf.

RE: using ' or % in update

(OP)
thank you.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close