-1

I have an update query that updates a column that holds another application SQL query. Putting SQL inside has been problematic I wanted to resolve it with escape characters.

update 
    my_table
 set
   sql_column = 'UPDATE inner_table SET user_name=\'user_name\' text=\'this this free text with things like \" inside it and drives me made\''
 where 
   condition_col = 123456

The above is correct in any SQL syntax checker; however, Sybase throws an error simply Incorrect syntax new 'username.'

I am new to Sybase; please help.

I was expecting that Sybase would behave like MySQL, which is different.

Paul T.
  • 4,703
  • 11
  • 25
  • 29
Ali Saberi
  • 864
  • 1
  • 10
  • 33
  • Does this answer your question? [How to escape single quotes in Sybase](https://stackoverflow.com/questions/12528455/how-to-escape-single-quotes-in-sybase) – Iłya Bursov Jan 18 '23 at 02:00
  • The string of sql_column that I put has the single quote and double quote. (let me emphasize it can have single and double quotes) and it can be another SQL platform. – Ali Saberi Jan 18 '23 at 12:49
  • double quote is not special symbol in any standard sql platform – Iłya Bursov Jan 18 '23 at 14:23

1 Answers1

-1

Sybase (and ansi-standard SQL*) escapes the single quote with itself. You don't need to do anything special with a double quote inside a string literal (since in ansi-standard SQL double quotes do not create literals).

sql_column = 'UPDATE inner_table SET user_name=''user_name'' text=''this this free text with things like \\" inside it ...'

But Sybase will NOT behave like MySQL (it's far more standards compliant).

Lacking some context here, but this kind of code is also likely to end up leaving you dangerously susceptible to SQL injection issues, and that's a really big deal.

* The link is for Informix, but it does a good job explaining the standard

Joel Coehoorn
  • 399,467
  • 113
  • 570
  • 794
  • The string of sql_column that I put has the single quote and double quote. (let me emphasize it can have single and double quotes) and it can be another SQL platform. – Ali Saberi Jan 18 '23 at 12:52
  • You don't have to do anything to escape double quotes in a string literal. – Joel Coehoorn Jan 18 '23 at 18:26