Jump to content
litzinger

Escape a string for mysql input.

Recommended Posts

litzinger

Hello I'm creating a backend for an AI I'm in the process of developing, and I want to get a reply from cleverbot when my AI doesn't know what to say.

I'm doing this using a mysql table to store the inputs and outputs, however, sometimes the reply from the cleverbot api includes single or double quotes.

Is there a way to escape these responses with a regular expression before inputting them into the database?

Share this post


Link to post
Share on other sites
jchd

StringReplace or StringRegexpReplace.

$strOK = StringReplace($str, '"', '""')
$strOK = StringReplace($strOK, "'", "''")

or

$strOK = StringRegexpReplace($str, '(''|")', '$1$1')

 


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites
genius257

or use bind, if you have access to the part of the code that inserts the data into the DB, that way it does not matter if it contains any single or double quotes.

Quote

As an alternative to explicitly escaping special characters, many MySQL APIs provide a placeholder capability that enables you to insert special markers into a statement string, and then bind data values to them when you issue the statement. In this case, the API takes care of escaping special characters in the values for you.

source: https://dev.mysql.com/doc/refman/5.7/en/string-literals.html

Share this post


Link to post
Share on other sites
jchd

The issue with binding is that we have to make many invokations of the binding API (depends on the number of fields you're dealing with in the table), which is generally slower from AutoIt than handcrafting a whole SQL statement.


This wonderful site allows debugging and testing regular expressions (many flavors available). An absolute must have in your bookmarks.
Another excellent RegExp tutorial. Don't forget downloading your copy of up-to-date pcretest.exe and pcregrep.exe here
RegExp tutorial: enough to get started
PCRE v8.33 regexp documentation latest available release and currently implemented in AutoIt beta.

SQLitespeed is another feature-rich premier SQLite manager (includes import/export). Well worth a try.
SQLite Expert (freeware Personal Edition or payware Pro version) is a very useful SQLite database manager.
An excellent eBook covering almost every aspect of SQLite3: a must-read for anyone doing serious work.
SQL tutorial (covers "generic" SQL, but most of it applies to SQLite as well)
A work-in-progress SQLite3 tutorial. Don't miss other LxyzTHW pages!
SQLite official website with full documentation (may be newer than the SQLite library that comes standard with AutoIt)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.