I'm not exactly sure what happened because I migrated from One server to another of the same spec and SQL...
Still in comments and titles the new database shows the characters ' instead of '
and I was wondering if I could ask for help in either replacing ' with '
or if it was simpler just deleting '
Thanks so much...
Steff
You could use MySQL's REPLACE method (look here):
UPDATE
Changed the statement to reflect the OP's naming:
UPDATE database1.vb_ppgal_albums
SET pp_photos = REPLACE(pp_photos, ''', '\'')
Good luck.
The following is the coding that I use to update double-quote in MySQL. I use the REPLACE function. The first parameter is the field_name that I want to have searched, the second is the escaping of the double quote (\") as the search string, followed by escaping of the escape character (\) followed by the double quote, which will insert into the field name (\"). In the table I will now have a measurement of '1/2\"' instead of '1/2"', which was my goal. I hope this helps. (PS, the Where clause is for show, you may not need it.)
UPDATE `table_name`
SET
`field_name` = REPLACE(`field_name`, '\"', '\\"')
WHERE `Id` > 125
Related
I have some data in a table in the following format in Amazon Redshift:
Column1 Column2
'a' 'b'
I'd like to remove the single quote characters from this table and get the data as follows:
Column1 Column2
a b
I would have thought the Replace function would do the trick, so I wrote the following query:
select replace(column1,''',''),
replace(column2,''','')
from table
But this doesn't work and gives me Amazon](500310) Invalid operation: unterminated quoted string at or near "''',''). I tried to escape the single quote character by \ but even that didn't work.
I also tried using the following query:
select replace(column1,"'",''),
replace(column2,"'",'')
from table
But it gave me the error [Amazon](500310) Invalid operation: column "'" does not exist in <tablename>
So how do I remove these single characters from my data?
Any help would be much appreciated.
TIA.
select replace(column1,chr(39),''),
replace(column2,chr(39),'')
from table
The CHR function returns the character that matches the ASCII code point value specified by of the input parameter. If I’ve made a bad assumption please comment and I’ll refocus my answer.
With MySQL you have two ways of quoting, so you need to switch:
REPLACE(column1, "'", "")
You can't use the same character for both delimiting and content without escaping:
REPLACE(column1, '\'', '')
I am reading a value from table with apostrophe with which I create a dynamic query and than I run a sp to save it in another table, which works fine without apostrophe but throw an error when it contains an apostrophe.
Select #arguments = argument from Mytable
e.g.
set #sql = 'exec nameOfSP' + #arguments
#arguments value comes from database
#argument sample value '612f0', 'This is an example second string'
Yes I know and agree that this is very bad code smell and therefore the question is not about design (which unfortunately couldn't be changed) but about the best possible solution in current scenario.
I am looking possible for a solution with encoding?
If there is a possibility of a quote coming through in your arguments do something like this:
set #sql = 'exec nameOfSP ' + REPLACE(#arguments, '''', '''''');
"the question is not about design (which unfortunately couldn't be changed)" seems like someone is going for the risk of saving in design that will cost a lot after... if you really must use dynamic sql like this you can use replace on ' to '' (that's right, just double it).
However, I must say that this is not a solution to your problem in any way, it's only a workaround.
You should do whatever you can to change the desing.
I've been trying to get a table row with this query:
SELECT * FROM `table` WHERE `field` LIKE "%\u0435\u0442\u043e\u0442%"
Field itself:
Field
--------------------------------------------------------------------
\u0435\u0442\u043e\u0442 \u0442\u0435\u043a\u0441\u0442 \u043d\u0430
Although I can't seem to get it working properly.
I've already tried experimenting with the backslash character:
LIKE "%\\u0435\\u0442\\u043e\\u0442%"
LIKE "%\\\\u0435\\\\u0442\\\\u043e\\\\u0442%"
But none of them seems to work, as well.
I'd appreciate if someone could give a hint as to what I'm doing wrong.
Thanks in advance!
EDIT
Problem solved.
Solution: even after correcting the syntax of the query, it didn't return any results. After making the field BINARY the query started working.
As documented under String Comparison Functions:
Note
Because MySQL uses C escape syntax in strings (for example, “\n” to represent a newline character), you must double any “\” that you use in LIKE strings. For example, to search for “\n”, specify it as “\\n”. To search for “\”, specify it as “\\\\”; this is because the backslashes are stripped once by the parser and again when the pattern match is made, leaving a single backslash to be matched against.
Therefore:
SELECT * FROM `table` WHERE `field` LIKE '%\\\\u0435\\\\u0442\\\\u043e\\\\u0442%'
See it on sqlfiddle.
it can be useful for those who use PHP, and it works for me
$where[] = 'organizer_info LIKE(CONCAT("%", :organizer, "%"))';
$bind['organizer'] = str_replace('"', '', quotemeta(json_encode($orgNameString)));
Using MS Access 2010.
I have a field in a table that contains windows path names surrounded by quotes, like this
"C:\My Documents\Photos\img1.jpg"
"C:\My Documents\Photos\products\gizmo.jpg"
"C:\My Documents\Photos\img5.jpg"
and so on.
I need to get rid of the quotes so the column looks like this:
C:\My Documents\Photos\img1.jpg
C:\My Documents\Photos\products\gizmo.jpg
C:\My Documents\Photos\img5.jpg
Is there a way to write an update query to do this?
OR a better way to do it altogether?
If you will be doing this from within an Access session, using Access 2000 or later, you can use the Replace() function in an update query to remove the quotes. Remove would mean replace them with an empty string.
UPDATE YourTable
SET path_field = Replace(path_field, '"', '');
If any of those path strings could include quotes within them (yuck!), consider the Mid() function ... ask it to start at the 2nd character (skipping the lead quote), and return the number of characters equivalent to Len(path_field) - 2
UPDATE YourTable
SET path_field = Mid(path_field, 2, Len(path_field) - 2);
Either way, you may want to include a WHERE clause to ignore rows without path_field values.
WHERE Len(path_field) > 0
And if you must do this again when new data is added, use a different WHERE clause to ensure you UPDATE only those rows whose path_field values start and end with quotes.
WHERE path_field Like '"*"'
That was using the * wild card for Access' default ANSI 89 mode. If you will do this from ADO (ANSI 92 mode), use the % wild card.
WHERE path_field Like '"%"'
... or use ALike and the % wild card with either mode.
WHERE path_field ALike '"%"'
The solution with REPLACE already mentioned by others works, but removes ALL quotes, even if they are in the middle of the string.
If you only want to remove quotes at the beginning or at the end, but leave quotes in the middle of the string as they are, you can do it with the following two queries:
Remove first character if it's a quote:
update YourTable
set YourField = right(YourField, len(YourField) - 1)
where left(YourField, 1) = '"'
Remove last character if it's a quote:
update YourTable
set YourTable = left(YourField, len(YourField) - 1)
where right(YourField, 1) = '"'
To make this a permanent change, you might run an update query that looked something like this:
UPDATE [Your Table]
SET [Your Table].[Your Field] = Replace([Your Table].[Your Field],"""","")
This will get rid of all quotes, even if they aren't at the beginning or end. Post back if that's not exactly what you want.
Assuming your column name is MyColumn and table name is MyTable, you can use this sql to update your data to get rid of quotes.
UPDATE MyTable
SET MyColumn = REPLACE(MyColumn,'"','')
I am using MySQL with MATLAB, and I want to get a name from user, and pass it to the table in mySQL, but it is rejecting a variable name in place of string
var_name=input('enter the name:');
mysql('insert into table (name) values (var_name)');
Any suggestions?
FIRST read the comments to this question - you don't want to shoot yourself in the foot with a mysql injection security problem. You have been warned. Now, to solve your current problem, without addressing the security risk of the whole approach when it comes to building SQL queries, read on...
In principle Amro has already posted two solutions for you which work, but since you have not accepted it I'll explain further.
Your problem is that you are not telling MATLAB which parts of your query it should interpret as a literal string, and which parts it should interpret as a variable name. To solve this, you can just end the literal string where appropriate, i.e. after the opening brackets, and then start them again before the closing brackets.
In between those literal strings you want to add the contents of your variables, so you need to tell MATLAB to concat your literal strings with your variables, since the mysql command probably expects the whole query as a single string. So in essence you want to take the string 'insert into table(' and the string saved in the variable name and the string ') values (' and so on and glue them into one big string. Amro and Isaac have shown you two solutions of how to do this without much explanation:
horzcat('insert into table (', name, ') values (', var_name, ')')
uses the function horzcat, while
['insert into table (' name ') values (' var_name ')']
uses the fact that MATLAB treats strings as arrays of characters so that you can just use square brackets to form a large array containing the strings one after the other.
The third solution, offered by Amro, is a bit more sublte:
sprintf('insert into table (%s) values (%s)',name,var_name)
It tells the function sprintf (which is made for that purpose) "take the string which I supply as first parameter and replace occurences of %s with the strings I supply as the following parameters. This last technique is in particular useful if you also need to insert numbers into your string, because sprintf can also convert numbers to string and allows fine control over how they are formatted. You should have a close look at the help page for sprintf to know more :-).
Try this instead:
mysql(['insert into table (' name ') values (' var_name ')']);
or even:
mysql(sprintf('insert into table (%s) values (%s)',name,var_name));
I believe the problem you are having is the same as the one in this other question. It sounds like you want to create a command string that itself contains a ' delimited string, which would require you to escape each ' with another ' when you create your command string (note the first example in this string handling documentation). Note also you may want to use the 's' option for the INPUT function:
var_name = input('Enter the name: ','s'); %# Treats input like a string
commandString = sprintf('insert into table (name) values (''%s'')', var_name);
%# Note the two apostrophes --^
mysql(commandString);
If I were to enter Ken for the input, the string commandString would contain the following:
insert into table (name) values ('Ken')
And of course, as others have already mentioned, beware injection vulnerabilities.