Philosophy of quotes embedded in Strings
231 views
Skip to first unread message
Dale
Mar 3, 2011, 7:27:11 PM3/3/11
to ORMLite Developers
I'm converting records in one database (MS Access) to an equivalent,
but normalized database of some other type (I'm using SQLite, but it
will be selected by the user of my conversion app). In the conversion
process, I take a String id field in the Access database and insert
into an autogenerated field in the converted database. That same
String id field is used in another table and so I need to look up the
autogenerated id of the converted record. The problem I'm running into
is that single quotes are embedded in the String id field I need to
look up:
SELECT * FROM `TABLE` WHERE `COLUMN` = 'This is a 'problem' '
I was assuming that the QueryBuilder would escape the quote as needed
per the database type it was inserting into. However, it appears that
quote escaping is left to the code calling into ORMLite. Would it be
worthwhile to have ORMLite do the escaping? It looks like something is
in place in BaseComparison that can changed to possibly do this. What
are your thoughts?
but normalized database of some other type (I'm using SQLite, but it
will be selected by the user of my conversion app). In the conversion
process, I take a String id field in the Access database and insert
into an autogenerated field in the converted database. That same
String id field is used in another table and so I need to look up the
autogenerated id of the converted record. The problem I'm running into
is that single quotes are embedded in the String id field I need to
look up:
SELECT * FROM `TABLE` WHERE `COLUMN` = 'This is a 'problem' '
I was assuming that the QueryBuilder would escape the quote as needed
per the database type it was inserting into. However, it appears that
quote escaping is left to the code calling into ORMLite. Would it be
worthwhile to have ORMLite do the escaping? It looks like something is
in place in BaseComparison that can changed to possibly do this. What
are your thoughts?
Gray Watson
Mar 3, 2011, 10:59:40 PM3/3/11
to ormli...@googlegroups.com
On Mar 3, 2011, at 7:27 PM, Dale wrote:
> I was assuming that the QueryBuilder would escape the quote as needed
> per the database type it was inserting into.
I don't like it Dale. I can take a look at the escaping process but I'd rather encourage you to use the SelectArg types where the escaping doesn't matter. Will that work?
http://ormlite.com/docs/select-arg
> It looks like something is in place in BaseComparison that can changed to possibly do this.
I know it will be easy to put in but I'm worried that I will have to process all arguments to check if I need to escape them or not.
gray
Dale
Mar 4, 2011, 9:35:16 AM3/4/11
to ORMLite Developers
On Mar 3, 10:59 pm, Gray Watson <256....@gmail.com> wrote:
> On Mar 3, 2011, at 7:27 PM, Dale wrote:
>
> > I was assuming that the QueryBuilder would escape the quote as needed
> > per the database type it was inserting into.
>
> I don't like it Dale. I can take a look at the escaping process but I'd rather encourage you to use the SelectArg types where the escaping doesn't matter. Will that work?
>
> http://ormlite.com/docs/select-arg
>
everything on that page but the last section, lol. Thanks.
Leo Nawroth
Oct 14, 2015, 7:42:31 AM10/14/15
to ORMLite Developers
Hi Gray, question regarding the SelectArg: "NOTE: SelectArg objects have protection against being used in more than one column name. You must instantiate a new object if you want to use a SelectArg with another column."
What is the reasoning behind this? In my code I want to search with the same user input in different columns (search customers that match query string in either phone number, name, location ...you get the point). The protection makes my code look very redundant and I just want to understand why is that necessary.
Thanks for your work!
Leo
Reply all
Reply to author
Forward
0 new messages