Storing and retrieving data from a SQL database

Mike Kerner MikeKerner at roadrunner.com
Thu May 19 04:17:48 CEST 2016


Why not just use parameterized queries?

On Wed, May 18, 2016 at 8:16 PM, Paul Dupuis <paul at researchware.com> wrote:

> Does anyone have some really good (comprehensive) routines to escape and
> unescape text data for storing in a SQL database (like SQLite or MySQL)
>
> basics like:
> replace cr with "\n" in pText -- replace any cr with "\n" for new line
> replace tab with "\t" in pText-- replace tabs with "\t"
> replace "'" with "\'" in pText-- replace single quotes with an escaped
> single quote
> replace quote with backslash&quote in pText-- replace double quote with
> escaped double quote
>
>
> but I expect I am missing some characters that SQL manuals say should be
> escaped. What about slash itself? And do you unescaped them in the same
> order you escape them or reverse order or does the order matter?
>
> I could Google the manuals, write some code, test it and revise until
> I've found all the characters and got the order to escape and unescape
> down correctly, but I figure someone else may have already done this
> comprehensively and be willing to share their code?
>
>
>
>
>
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>



-- 
On the first day, God created the heavens and the Earth
On the second day, God created the oceans.
On the third day, God put the animals on hold for a few hours,
   and did a little diving.
And God said, "This is good."


More information about the use-livecode mailing list