| Subject | Re: [IBO] Parameterized inserts? |
|---|---|
| Author | Joe Martinez |
| Post date | 2002-11-07T10:51:13Z |
One other question:
Normally, when I'm dynamically generating an SQL statement, I have to
double up any quotes that appear in a literal. That is, if I wanted to
insert a literal string with an apostrophe in it (i.e. Bob's Pawn Shop),
I'd have to do something like:
set companyname = 'Bob''s Pawn Shop'
Otherwise, it would think that the apostrophe in the literal was a closing
quote.
My question is: When I'm assigning parameters with ParamByName, to I have
to do the same thing, or is that already taken care of for me? For
instance, would I do:
MyDSQL->ParamByName("CompanyName") = "Bob's Mowers";
or
MyDSQL->ParamByName("CompanyName") = "Bob''s Mowers";
Thanks,
Joe
Normally, when I'm dynamically generating an SQL statement, I have to
double up any quotes that appear in a literal. That is, if I wanted to
insert a literal string with an apostrophe in it (i.e. Bob's Pawn Shop),
I'd have to do something like:
set companyname = 'Bob''s Pawn Shop'
Otherwise, it would think that the apostrophe in the literal was a closing
quote.
My question is: When I'm assigning parameters with ParamByName, to I have
to do the same thing, or is that already taken care of for me? For
instance, would I do:
MyDSQL->ParamByName("CompanyName") = "Bob's Mowers";
or
MyDSQL->ParamByName("CompanyName") = "Bob''s Mowers";
Thanks,
Joe