| Subject | Possible to disable or change SQL statement comment syntax? |
|---|---|
| Author | Kevin Hamilton |
| Post date | 2005-06-13T18:27:30Z |
Using Firebird with PHP, I recently ran into a problem which I know was
programmer error...instead of escaping the quotes in a string with a
quote, it was escaped with a backslash. Unfortunately, the problem was
further compounded by a -- following the improperly escaped quote.
So a SQL statement that should have been something like:
UPDATE mytable set fieldname='system error: ''--cannot process
command''' where id=1
Became:
UPDATE mytable set fieldname='system error: \'--cannot process
command\'' where id=1
This results in ALL ROWS of mytable now having the value 'system error:
\' in the field.
So, going forward I will be much more careful in my code to avoid this
sort of programming error. But I would feel MUCH less apprehensive
about all my legacy code if I could some how prevent Firebird from
seeing -- as a comment. Is there any setting to do that?
Kevin
CONFIDENTIALITY NOTICE:
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
programmer error...instead of escaping the quotes in a string with a
quote, it was escaped with a backslash. Unfortunately, the problem was
further compounded by a -- following the improperly escaped quote.
So a SQL statement that should have been something like:
UPDATE mytable set fieldname='system error: ''--cannot process
command''' where id=1
Became:
UPDATE mytable set fieldname='system error: \'--cannot process
command\'' where id=1
This results in ALL ROWS of mytable now having the value 'system error:
\' in the field.
So, going forward I will be much more careful in my code to avoid this
sort of programming error. But I would feel MUCH less apprehensive
about all my legacy code if I could some how prevent Firebird from
seeing -- as a comment. Is there any setting to do that?
Kevin
CONFIDENTIALITY NOTICE:
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.
Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.