Sign in to follow this  
Followers 0
BobRoss

Formatting for Variables within sproc string

3 posts in this topic

Hi All,

I've a gui with various inputs, a chunk of the inputs are passed to a sproc string.

The issue I have is whenever a apostrophe is passed having been entered within one of the inputs (eg. John O'Brien) , I've tried adding further to the variables (eg. $RI2) when I go about reading the inputs - example below, $RI1 obviously omitting the further apostrophes I added;

$input1 = "John O'Brien"
$input2 = "John O'Brien"

$RI1 = GUICtrlRead($input1)
$RI2 = "'"&GUICtrlRead($input2)&"'"

$sqlcmd = "exec example_sproc @Insert1 = '" & $RI1 & "'," & "@Insert2 = '" & $RI2 & "'"

What is deemed 'best practice' across the forums? - I could see anything apart from a suggestion to use SQLite, would this be the suggested best course of action to take?

Any pointers in the right direction would be appreciated.

Thanks

Bob

Share this post


Link to post
Share on other sites



Simply escape significant single quotes by doubling them.

$input1 = "John O'Brien"
$input2 = "John O'Brien"

$RI1 = _SQL_Escape($input1)
$RI2 = _SQL_Escape($input2)

$sqlcmd = "exec example_sproc @Insert1 = " & $RI1 & "," & "@Insert2 = " & $RI2

Func _SQL_Escape($sVar)
    Return("'" & StringReplace($sVar, "'", "''") & "'")
EndFunc

Also GUICtrlRead don't make sense in your example.


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

Simply escape significant single quotes by doubling them.

$input1 = "John O'Brien"
$input2 = "John O'Brien"

$RI1 = _SQL_Escape($input1)
$RI2 = _SQL_Escape($input2)

$sqlcmd = "exec example_sproc @Insert1 = " & $RI1 & "," & "@Insert2 = " & $RI2

Func _SQL_Escape($sVar)
    Return("'" & StringReplace($sVar, "'", "''") & "'")
EndFunc

Also GUICtrlRead don't make sense in your example.

 

Ah! Perfect & exactly along the lines of what I was looking for - Thanks for the speedy reply also, much appreciated jchd.

You're quite right it does indeed, I initially was going to add something more like what I actually have in use but it seemed pointless to achieve the question I was trying to ask - I just hadn't tidied up.

Thanks again.

Bob

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0