Skip to main content
Windward

Escape characters in vars

Overview

Escape characters in vars.

Resolution

When we substitute in text for a ${var} in a database query, we have to provide special handling for escape characters. For a simple example, say you have select="select * from employees where name like '${var}' " and var is "O'Malley". If we did not escape the ' in O'Malley then the select would end up as "select * from employees where name like 'O'Malley' " which is a malformed select.

However, the problem also exists where you can have "select FIRST_NAME from EMPLOYEES" and _ is a special character in Sql Server. To handle this situation if the name of your var starts with an underscore, such as ${_var}, then no escape substitution is performed.

The escape characters handled are:

 

DB2  
' ''
" ""
_ \_
? \?
% \%
\ \\

 

 

MySql  
' \'
" \"
_ \_
% \%
\ \\

 

 

Oracle  
' ''
% \%
\ \\

 

 

Sql Server  
' ''
[ [[]
% [%]
_ [_]
  • Was this article helpful?