|
|
Escaping strings
Hi,
This seems rather easy, but its got me stuck.
i am using ruby DBI to insert records into a mysql database.
dbh.do("INSERT INTO sentences (id,text)
VALUES
(#{id},#{sentence})")
the sentence is a pretty long and complex string having many special
characters. I cant seem to escape it out, i tried CGI and the %&&
delimiters, but i cant get it to work.
I appreciate your help!
Thanks!
--
Posted via http://www.ruby-forum.com/.
|
|
0
|
|
|
|
Reply
|
 krishna.rokhale (3)
|
3/7/2010 7:23:11 AM |
|
Nvm, got it.
require 'mysql'
sentence = Mysql.escape_string(sentence.to_s)
dbh.do("INSERT INTO sentences (id,text)
VALUES
(#{id}, '" + sentence + "')")
:)
--
Posted via http://www.ruby-forum.com/.
|
|
|
0
|
|
|
|
Reply
|
 Krishna
|
3/7/2010 8:14:01 AM
|
|
On 03/07/2010 09:14 AM, Krishna Rokhale wrote:
> Nvm, got it.
>
> require 'mysql'
>
> sentence = Mysql.escape_string(sentence.to_s)
> dbh.do("INSERT INTO sentences (id,text)
> VALUES
> (#{id}, '" + sentence + "')")
>
>
> :)
>
I'd rather use prepared statements with bind variables. This is much
safer and also you can offload a bit of work from the database.
Kind regards
robert
--
remember.guy do |as, often| as.you_can - without end
http://blog.rubybestpractices.com/
|
|
|
0
|
|
|
|
Reply
|
Robert
|
3/7/2010 5:15:02 PM
|
|
Robert Klemme wrote:
> On 03/07/2010 09:14 AM, Krishna Rokhale wrote:
>> :)
>>
>
> I'd rather use prepared statements with bind variables. This is much
> safer and also you can offload a bit of work from the database.
>
> Kind regards
>
> robert
Thanks!
--
Posted via http://www.ruby-forum.com/.
|
|
|
0
|
|
|
|
Reply
|
Krishna
|
3/7/2010 10:09:54 PM
|
|
|
3 Replies
1703 Views
(page loaded in 1.239 seconds)
Similiar Articles: remove any commas/data from mysql? - comp.databases.mysql ...... 3D '00') { > =A0 =A0 =A0 =A0 $wrong++; > =A0 =A0 =A0 =A0 } > =A0 =A0 =A0 =A0 if (!in_array($key,$ignore)) { > =A0 =A0 =A0 =A0 $results .=3D "'" . mysql_real_escape_string ... special character ' - comp.databases.mysqlWhatever language and library you are using, it sure has an escaping mechanism ... type of situations ? now, via code, i > replace into the "description" > string ... How to un-escape HTML tags in JSP/Struts - comp.lang.java ...Hi, I receive from the database HTML formatted Strings like that: Currently results Using the struts tag, I expect to display it on the generated J... Escape Character in directory path - comp.lang.c++.moderated ...It's not the fact that the string contains \ characters: the problem is precisely ... asm.x86 list name of current FOLDER not full path - comp.soft-sys.matlab ... Escape ... ANSI terminal escape sequence regexp - comp.unix.shellI am looking for a regexp that matches the ANSI terminal escape sequences (ESC ... the C0 set, the C1 set, independent control functions and control strings) and I ... escaping directory name space - comp.unix.shellMac OS/server 10.6.4 What is the preferred syntax/escape for handling the space ... I did notice that Smultron (text editor) red flags the quoted string. I knew ... Split a price String Object into dollars and cents String Objects ...Hello All, I am trying to split a String object below ... By escaping the dot a reference to the dot is created, as opposed to the 'any ... substitute string for ascii control character - comp.lang.awk ...>>>>Janis Papanagnou wrote: >>>>The backslash is the escape character in _all_ strings, as the one >>>>in the argument to gsub. Function gsub needs an escaped ampersand ... RegExp pattern to escape ALL special characters (but exclude ...BUT - I want to support also unicode chars (and not escape them). I could not find a ... then a "blacklist" of all special > > chars. > > Well in a language where a string is ... concatenate multiple strings - comp.lang.awkI searched string functions to concatenate substrings into one string and I can not ... recognize single quotes as quotes, so you have to use double quotes, and escape real ... Escape character - Wikipedia, the free encyclopediaThe backslash (\) escape character typically provides two ways to include doublequotes inside a string literal, either by modifying the meaning of the doublequote ... Perl + DBI + mysql - Escaping StringsFirst post here ... having a bit of a problem, I know you can use the DBI function quote() to properly escape characters before using in a sql statement ... however ... 7/24/2012 8:58:08 AM
|
|
|
|
|
|
|
|
|
Search |
Post Question |
Groups |
Stream |
About |
Register
4 followers. 