Skip to main content
Windward

Escape characters and variables

Overview

This article covers using escape characters with variables ( ${var} ).

Resolution

When we substitute in text for a ${var} in a database query, we have to provide special handling for escape characters.

For a simple example, say you have

select="select * from employees where name like '${var}' "

and var is "O'Malley". If we did not escape the ' in O'Malley then the select would end up as... 

select="select * from employees where name like 'O'Malley' "

...which is a malformed select.

 

However, the problem also exists where you can have "select FIRST_NAME from EMPLOYEES" and _ is a special character in Sql Server. To handle this situation if the name of your var starts with an underscore, such as ${_var}, then no escape substitution is performed.

 

The escape characters handled are:

 

DB2  
' ''
" ""
_ \_
? \?
% \%
\ \\

 

 

MySql  
' \'
" \"
_ \_
% \%
\ \\

 

 

Oracle  
' ''
% \%
\ \\

 

 

Sql Server  
' ''
[ [[]
% [%]
_ [_]
  • Was this article helpful?