tags:

views:

878

answers:

6

NOTE: It's probably a duplicate but I can't find working answer.

Following is what i'm trying todo, notice a ' in the value. How do I fix this?

INSERT INTO [pugraider].[dbo].[Realms]([Name]) VALUES('Aman'Thul')

I use MS SQL Server Management Studio 2008.

EDIT: I'm writing a script to populate a lookup table (ID<->Name).

+6  A: 

This will work:-

INSERT INTO [pugraider].[dbo].[Realms]([Name]) VALUES('Aman''Thul')

Ordinarily the only reason to have such hardcoded values in T-SQL is in DB construction code such as initialising look up tables.

Otherwise this code might be a result of string concatenation to build up some T-SQL from some input source. If that is the case its worth finding ways to avoid it since it can open your application to SQL injection attacks.

AnthonyWJones
+3  A: 
INSERT INTO [pugraider].[dbo].[Realms]([Name]) VALUES('Aman''Thul')
Svetlozar Angelov
+1  A: 

Use two single quotes to escape a single quote in the string

INSERT INTO [pugraider].[dbo].[Realms]([Name]) VALUES('Aman''Thul')

Thanks

Mahesh Velaga
+3  A: 

Use double single quote(but no double quote)as

INSERT INTO [pugraider].[dbo].[Realms]([Name]) VALUES('Aman''Thul')

http://blog.sqlauthority.com/2008/02/17/sql-server-how-to-escape-single-quotes-fix-error-105-unclosed-quotation-mark-after-the-character-string/

Frank
+1  A: 

Just double it up:

INSERT INTO [pugraider].[dbo].[Realms]([Name]) VALUES('Aman''Thul')
GrayWizardx
+1  A: 

The escape character in t-sql is a single quote. So the 'Aman'Thul' should be changed to 'Aman''Thul'

rosscj2533