revExecuteSQL and escaping values

Trevor DeVore lists at mangomultimedia.com
Mon Apr 11 15:20:18 CDT 2005


I was under the impression that when using binding with revdb that the 
values would be escaped when creating the sql statement.  For example

put "that's it" into myVar

revExecuteSQL myDBID, "UPDATE myTable SET Description = :1 WHERE ID = 
1", "myVar"

would execute the statement like this:

UPDATE myTable SET Description = 'that\'s it' WHERE ID = 1

This does not seem to be the case with revdb however since I am getting 
errors in my sql syntax whenever I have a variable with a single quote 
in it.  Perhaps I just expected this since that is how Valentina works 
and as far as I can tell there is no way in revdb to access the active 
databases native string escape functions.  Anyone have any insight 
here?


-- 
Trevor DeVore
Blue Mango Multimedia
trevor at mangomultimedia.com



More information about the use-livecode mailing list