MySQL's different quote marks - mysql

I am a bit new to MySQL and just wanted to know what is the difference between:
` ' "
when I'm using them in a query.

With ` you write mysql variable names.
With ' you write mysql variable values
For example
SELECT * FROM `test` WHERE `x` = '1'

I would add that the way double quotes are interpreted depend of wether or not your MySQL server has ANSI quotes turned on or off.
In the former you cannot use double quotes as a string delimiter.
SELECT name FROM user WHERE last_name = "norris" ;
will return you a punch in your teeth.

``quotes you dont need to escape where as string quotes you do ''single or ""double

http://dev.mysql.com/doc/refman/5.1/en/string-literals.html
http://dev.mysql.com/doc/refman/5.1/en/identifiers.html

use ` (backquotes) for column name
use ' or " for values
Don't use backticks with column values. use either single or double quotes otherwise mysql considered that value as a column name.

Related

How to correctly format quotation marks and double quotes in mysql query

I'm currently using PDO connection for perform some mysql queries and since I use the command $conn->prepare("HERE THE QUERY") I want to know how to format characters like quotes and double quotes.
When I have cases like this one:
$conn->prepare("SELECT * FROM ('SELECT DISTINCT (user_id) FROM table1')");
This is fine because in the nested SELECT there isn't a particular character that can cause problems. But how can we handle special cases like that?
Here a strange example (forget the mysql.. this is quite irrelevant, focus on the quotes situation) with quotes and double quote inside the nested SELECT:
$conn->prepare("SELECT * FROM ('SELECT user_id, CONCAT('[\"",GROUP_CONCAT(DISTINCT(cat) ORDER BY user_id DESC SEPARATOR "\",\""),"\"]') cat_grouped FROM table_1') select1");
What should be the right quotation mark syntax according to this example query? If i use ' instead of " when I prepare the query the problem is quite fixed, but I want to understand if there is a smart way to maintain the double quotes.
firstly I recommend using single quotes - they're faster :D
The main issue is using the same quotes with each other. Doing this causes pre-mature closing, and I'm sure you'd like to save that pre-mature embarrassment.
See in simple terms:
"string has star"ted"
As you can see, the first double quote the file gets to is the one after star. This closes the string after star, rendering the ted" in a fatal error.
What you want to do is escape the quotes that conflicts with the opening quote. Single quotes inside double quotes are fine, and vice versa.
Escape single quotes inside single quotes and double quotes inside double quotes - the rest should be ok to leave. Also I recommend using backticks for your mysql tables and fields to avoid some errors down the road if they deiced to add some new keyword that just so happens to match your table/field name
e.g.
if using single quotes:
$conn->prepare('SELECT * FROM table WHERE string_field = \'value\'');
if using double quotes:
$conn->prepare("SELECT * FROM table WHERE string_field = \"value\"");
if mixing:
$conn->prepare('SELECT * FROM table WHERE string_field = "value"');
\ is the escape character used for situations like this :)
The alternative is concatting strings:
$conn->prepare('SELECT * FROM table WHERE field = '. $foo);
so breaking it up, you declare string same was as usual with preferred quotes, then to add stuff to it, you use . to concat

DECODE Function in SQL

I am trying to insert the following query and I get syntax errors. Can you please help me with the below query:
INSERT INTO ABCTABLE (COLUMN1) values ('DECODE(MDSE_CD,NULL,'0000000000000000',LPAD(TO_NUMBER(MDSE_CD,'16',' '))');
Since you haven't really said anything other than "this query doesn't work, fix it", I have to take a stab in the dark what you want. From the query you have, I'm therefore guessing you want the value of the column to be DECODE(MDSE_CD,NULL,'0000000000000000',LPAD(TO_NUMBER(MDSE_CD,'16',' '))
In which case, you have to escape the single quotes within your string literal. Do this by doubling up the quotes:
INSERT INTO ABCTABLE (COLUMN1)
VALUES ('DECODE(MDSE_CD,NULL,''0000000000000000'',LPAD(TO_NUMBER(MDSE_CD,''16'','' ''))')
Try properly escaping the inner single quotes
INSERT INTO ABCTABLE (COLUMN1)
VALUES ('**DECODE**(MDSE_CD,NULL,''0000000000000000'',**LPAD**(TO_NUMBER(MDSE_CD,''16'','' ''))');
The problem is the use of quote marks. If we tried to break up your query it would look like this:
INSERT INTO ABCTABLE
(COLUMN1)
values
(
'DECODE(MDSE_CD,NULL,'
0000000000000000
',LPAD(TO_NUMBER(MDSE_CD,'
16
','
'))'
);
...which clearly makes no sense.
You might want to think about how to escape a quote mark inside a string.
Sql Server:
DECOD function in Sql Server can be replaced with CASE construct
LPAD function in Sql Server has not a direct correspondence but you can pad your string using string manage function REPLACE (replicate a character a number of specified times)
My Sql:
DECOD function in MySql can be replaced with CASE construct
LPAD function in MySql is existent
What do you want to store... a string literal 'DECODE(MDSE...))', or did you want to call a function to derive a value?
To store a string literal containing single quotes, you need to "escape" each single quote within the string with an extra single quote, e.g.
O'Hare Int'l ==> 'O''Hare Int''l'
The DECODE function is Oracle specific. That expression will need to be rewritten using different functions in both MySQL and SQL Server.

sql server equivalent of mysql where in

I have always used a MySQL Where In to filter for multiple values of a single field. I am looking for the equivalent for SQL Server. When I set this up on SS it looks at each item as a field in my table instead of a record in my field. Does anyone know the equivalent? Thanks!
MySQL:
SELECT quote_id,entity_id FROM customer.customer_id4
WHERE
quote_id IN ("00033658.0","00033361.0","00032971.0")
Error when using similar format in SS:
Invalid column name '00033658.0'
Invalid column name '00033361.0'
Invalid column name '00032971.0'
" in SQL server is used to delimit field names. You need to use ' instead, e.g.
... quote_id IN ('00033658.0', '00033361.0', etc...)
^-- ^--- note the different quotes
I think you just have to replace double quotes(") with a single quote (').
SELECT quote_id,entity_id FROM customer.customer_id4
WHERE
quote_id IN ('00033658.0','00033361.0','00032971.0')
Try using single quotes in the IN statement and see this link: http://technet.microsoft.com/en-us/library/ms177682.aspx

How to replace all double quotes to single quotes using mysql replace?

I need to replace all double quotes to single quotes using mysql query.
How can I do that. My sql should be in double quotes.
mysql="select replace(text,'\"',''') from mytable"
throwing error. How can I escape that single quotes inside query?
Try this one
$mysql="select replace(text,'\"',\"'\") from mytable";
Then the query will become
select replace(text,'"',"'") from mytable
at the Mysql end.
You need to escape the single quote ' too (see table 8.1):
mysql="select replace(text,'\"','\\'') from mytable"
Thus, the string sent to MySQL will read:
select replace(text,'"','\'') from mytable

mysql - replace ' with single quote in a field

I'm not exactly sure what happened because I migrated from One server to another of the same spec and SQL...
Still in comments and titles the new database shows the characters ' instead of '
and I was wondering if I could ask for help in either replacing ' with '
or if it was simpler just deleting '
Thanks so much...
Steff
You could use MySQL's REPLACE method (look here):
UPDATE
Changed the statement to reflect the OP's naming:
UPDATE database1.vb_ppgal_albums
SET pp_photos = REPLACE(pp_photos, ''', '\'')
Good luck.
The following is the coding that I use to update double-quote in MySQL. I use the REPLACE function. The first parameter is the field_name that I want to have searched, the second is the escaping of the double quote (\") as the search string, followed by escaping of the escape character (\) followed by the double quote, which will insert into the field name (\"). In the table I will now have a measurement of '1/2\"' instead of '1/2"', which was my goal. I hope this helps. (PS, the Where clause is for show, you may not need it.)
UPDATE `table_name`
SET
`field_name` = REPLACE(`field_name`, '\"', '\\"')
WHERE `Id` > 125