Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
nirmala84
Starting Member
1 Post |
 Posted - 2010-01-27 : 05:05:29
|
| hi allI am new to this Sql Team Forum,I am Pleased to be hereI have an Issue in sql query,Actually, the basic sql select query with 'like' we have as Select * from tblname where description like '% n %'But my issue is the description may be " It's Forum with the name as SQL Team" as like With this description i cannot able to execute the query, because i am having single quotes within the description what i have to do for this to exec,can anyone give me solution for thisIf anyone knows please Help me..........Thanks in advanceRegardsnirmla |
|
|
EugeneLim11
Posting Yak Master
167 Posts |
Posted - 2010-01-27 : 05:13:13
|
| use parameters =) Select * from tblname where description like @ParametersThis helps to prevent SQL injections attacks. :) |
 |
|
|
Transact Charlie
Master Smack Fu Yak Hacker
3451 Posts |
Posted - 2010-01-27 : 05:32:02
|
| you are building this sql dynamically?If so then certainly do as EugeneLim11 suggests.Also -- check out the QUOTENAME function. it will escape all troublesome characters for you.Charlie===============================================================Msg 3903, Level 16, State 1, Line 1736The ROLLBACK TRANSACTION request has no corresponding BEGIN TRANSACTION |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2010-01-27 : 05:37:16
|
"With this description i cannot able to execute the query, because i am having single quotes within the description what i have to do for this to exec"Double up the single quotes:Select * from tblname where description like '% It''s Forum with the name as SQL Team %' |
|
|
|
|
|
|
sql select query with 'like'