tags:

views:

81

answers:

3
+1  Q: 

Error when replacing words that contain quotes in mySQL

I have updated many records already, but when it came to a word that contains a quote I get this error: "ERROR: Unclosed quote @ 1357"

I know why it's giving me this error, I just don't how to solve it.

Here's a sample: UPDATE invnum SET cAccountName = replace(cAccountName,'JOHN'S','BEN')

Thanks in advance.

+2  A: 

Escape quotes inside strings:

UPDATE invnum SET cAccountName = replace(cAccountName,'JOHN\'S','BEN')

You want to be really careful with this - not dealing with this properly is the source of SQL injection attacks, and is a major source of security problems.

Dominic Rodger  2009-09-11 09:13:51
A: 

Try this instead:

UPDATE invnum SET cAccountName = replace(cAccountName,"JOHN'S","BEN")

If you need to use both types of quotes within a string, then you'll need to escape the type of quotes you use to surround the string when they occur within it (otherwise the SQL interpreter will think the string ends before it actually does.

For instance:

Johns   becomes "Johns"
John's  becomes "John's" or 'John\'s'
"John"  becomes '"John"' or "\"John\""

et cetera.

Amber  2009-09-11 09:13:52
thanks. I want to choose the second option, but what should i use: "John's" or 'John\'s' - does it matter?
sami  2009-09-11 09:36:59
Either will work - the point is that you have to choose a type of quote to surround your strings with, and then if you need to use whichever type you chose within the string as well, you'll have to escape it. So if you're only using 1 type of quotes within the string, it's handy to choose the other type to enclose it since you won't need to escape.
Amber  2009-09-11 10:33:29
this is only possible in mysql. other database servers do not support this mixed quoting style.
longneck  2009-09-11 13:17:24
@longneck: And the OP was asking in regards to MySQL.
Amber  2009-09-11 22:16:42
+2  A: 

if you’re using a script to update your records use a builtin escaping function. for php that would be mysql_real_escape_string

knittl  2009-09-11 09:35:09

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL