Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2000 Forums
 SQL Server Development (2000)
 single quote escaped but still writes '' to table!

Author  Topic 

Woodstock
Starting Member

3 Posts
Posted - 2008-01-17 : 12:08:37
Hi all,

I'm new to this forum, I've been doing a bit of research and I can't seem to find the solution anywhere, I was hoping you guys can help out..
The problem is with single quotes in SQL Server, I escape them with another single quote but somehow (and I can only imagine this is a configuration problem..) it writes 2 single quotes in the database!

I'm escaping the variables in PHP using
str_replace("'","''",$myVariable);
however, when I go and look in the database, I can see two single quotes! This is causing my program to explode because when it reads back from the database, it reads 2 single quotes, then it escapes them again when writing so it keeps on doubling them!

For example:
$myVariable = "A's";
Then I escape the single quote with:
$myEscapedVar = str_replace("'","''",$myVariable);
At this point it should be A''s
When I look into the DB, I see A''s instead of A's
Because the data goes back and forth from the DB to my program, I'm ending up with strings like the following: A''''''''''''s

I've looked into php.ini thinking that it could be due to magic_quotes_sybase and magic_quotes_runtime but they're both set to off and it still escapes my escapes!
Any advice appreciated, thanks!

harsh_athalye
Master Smack Fu Yak Hacker

5581 Posts
Posted - 2008-01-17 : 12:12:12
What happens if you don't escape it with another quote while inserting into database?

Harsh Athalye
India.
"The IMPOSSIBLE is often UNTRIED"
Go to Top of Page

Woodstock
Starting Member

3 Posts
Posted - 2008-01-17 : 12:20:55
quote:
Originally posted by harsh_athalye

What happens if you don't escape it with another quote while inserting into database?


If I don't escape it, it works - however I'm afraid that this is just a configuration issue, so if I don't escape it and I deploy this application on other SQL Server installations it will most probably not work.. (since single quotes have to be escaped!!)
Go to Top of Page

Woodstock
Starting Member

3 Posts
Posted - 2008-01-17 : 13:23:36
ohhh, I've just found the solution....!
I just had to set magic_quotes_gpc = Off and it's working now! :-)
Go to Top of Page
   

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources

Articles

Forums

Blogs

Contact Us

About the Site