Groups | Search | Server Info | Login | Register

Groups > comp.databases.mysql > #7799

Re: Escaping Strings

From "J.O. Aho" <user@example.net>
Newsgroups comp.databases.mysql
Subject Re: Escaping Strings
Date 2024-08-23 07:52 +0200
Message-ID <liqmd6Fr82iU1@mid.individual.net> (permalink)
References <v748rm$tapm$2@dont-email.me> <ligh9mFb2hjU1@mid.individual.net> <va8se0$otgt$4@dont-email.me>

Show all headers | View raw

On 23/08/2024 04.33, Lawrence D'Oliveiro wrote:
> On Mon, 19 Aug 2024 11:24:06 +0200, J.O. Aho wrote:
> 
>> I would looked into using parameterized queries ...
> 
> There are lots of cases they don’t handle. Like for example LIKE and
> REGEXP operands.

LIKE:
select * from table where column1 like ?;

you have the %'s in the parameterized value.

If you have issues, you can always use functions or store procedures 
which you use with parametrization.

-- 
  //Aho

Back to comp.databases.mysql | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Escaping Strings Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-07-15 22:46 +0000
  Re: Escaping Strings "J.O. Aho" <user@example.net> - 2024-08-19 11:24 +0200
    Re: Escaping Strings Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-08-23 02:33 +0000
      Re: Escaping Strings "J.O. Aho" <user@example.net> - 2024-08-23 07:52 +0200
        Re: Escaping Strings Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-08-24 22:49 +0000
          Re: Escaping Strings "J.O. Aho" <user@example.net> - 2024-08-25 09:27 +0200
            Re: Escaping Strings Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-09-05 06:11 +0000

csiph-web