Information générale
Catégorie:
Base de données, Tables, Vues, Index et syntaxe SQL
> Doubling is not a solution unless you are hardcoding the value.
> Parameters should be used.
Of course it can be a solution. You write a function called "EncodeLiteralStringForSQL()" and it finds any invalid characters and transforms them into what they need to be to allow the INSERT to proceed.
Highly inelegant compared to parameters, but it is still a solution. I prefer to present all options and then discuss "best practices" to settle on the best way to go. In any case, there is nothing wrong with knowing how to do it for the scenario where you are actually inserting a literal and just want to know how to get it done. Setting up a parameterized situation in SQL Server Management Studio, for instance, would take a lot more time than simply typing in one extra tick. The same goes for inserting dates, etc. where you need to learn how the underlying database engine handles things. I like to understand the underpinnings before relying on the higher-level (and more suitable) techniques. That's what makes errors so much fun to learn from. Exasperating, but eventually illuminating. *smile*
Thanks,
Joe Kaufman
Précédent
Suivant
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement