Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
jholovacs
Posting Yak Master
163 Posts |
 Posted - 2009-05-21 : 12:04:38
|
I'm building an XML document to be used as a business logic message between our SQL Server system and a client's custom-built system. To this end, I am writing a proc to generate the XML document based of an XSD.My concern is, as I am getting some values from parameters that may have illegal, unescaped characters in them, and obviously bad things will happen if I try to push them into a typed XML document (as they should).My question: is there a function or method to "sanitize" the parameter info to make sure all special characters are properly escaped? My knowledge of XML functionality in SQL Server is limited at best, but it seems that should be a no-brainer type of function to include as part of SQL Server's XML support.
SELECT TOP 1 w.[name]FROM dbo.women wINNER JOIN dbo.inlaws i ON i.inlaw_id = w.parent_idWHERE i.net_worth > 10000000 AND i.status IN ('dead', 'dying') AND w.husband_id IS NULLORDER BY w.hotness_factor DESC |
|
|
influent
Constraint Violating Yak Guru
367 Posts |
Posted - 2009-05-21 : 19:44:52
|
| I don't know of anything in SQL Server... are the values coming from another system (ASP.Net/PHP/etc.) that could do the sanitizing? Either way, do you know exactly which character sequences should always be escaped? |
 |
|
|
|
|
|
Escaping XML special characters?