{"id":841,"date":"2012-09-14T12:27:42","date_gmt":"2012-09-14T12:27:42","guid":{"rendered":"https:\/\/ibex.tech\/visualcpp\/?p=841"},"modified":"2022-02-17T06:24:03","modified_gmt":"2022-02-17T06:24:03","slug":"sanitising-strings-for-use-in-sql-statements","status":"publish","type":"post","link":"https:\/\/ibex.tech\/visualcpp\/strings\/sanitising-strings-for-use-in-sql-statements","title":{"rendered":"Sanitising strings for use in SQL statements"},"content":{"rendered":"

\nIf possible don't sanitize your strings. Use parameterized queries instead, as they handle all sanitization.<\/strong><\/em>\n<\/p>\n

\nFor MS-SQL
\n<\/h4>\n
\r\n\r\n\t\/\/Convert single quotes to two single quotes\r\n\tTagDescription = TagDescription->Replace("'", "''");\r\n<\/code><\/pre>\n
\nFor MySQL
\n<\/h4>\n
\r\n\r\n\t\/\/Convert single quotes to two single quotes\r\n\tTagDescription = TagDescription->Replace("'", "\\'");\r\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
If possible don't sanitize your strings. Use parameterized queries instead, as they handle all sanitization. For MS-SQL \/\/Convert single quotes to two single quotes TagDescription = TagDescription->Replace("'", "''"); For MySQL \/\/Convert single quotes to two single quotes TagDescription = TagDescription->Replace("'", "\\'");<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[],"class_list":["post-841","post","type-post","status-publish","format-standard","hentry","category-strings"],"_links":{"self":[{"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/posts\/841","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/comments?post=841"}],"version-history":[{"count":6,"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/posts\/841\/revisions"}],"predecessor-version":[{"id":1277,"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/posts\/841\/revisions\/1277"}],"wp:attachment":[{"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/media?parent=841"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/categories?post=841"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ibex.tech\/visualcpp\/wp-json\/wp\/v2\/tags?post=841"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}