DATETIME SELECT SELECT INTO DATE PAD STRING DYNAMIC SQL CURSOR MONEY FORMAT PERCENT STORED PROCEDURE SQL SERVER AGENT JOB OPTIMIZATION WHILE LOOP OVER PARTITION BY UPDATE
SITE SEARCH SQLUSA.com HEADLINES NEWS
SQL E/BOOKS   SQL 2014 PROGRAMMING   DOWNLOADS
SCRIPTS SQL 2005 SQL 2008 ARTICLES
SQL JOBS TWITTER FORMAT VIDEOS
How to handle quote within quote?

Execute the following scripts in Query Editor to demonstrate various examples to deal with quote within quote issue.

USE tempdb;

-- Search names for single quotes - CHAR(39)

SELECT BusinessEntityID,

       FullName = FirstName + ' ' + LastName

INTO Person

FROM AdventureWorks2008.Person.Person

WHERE CHARINDEX( CHAR(39), LastName) > 0

  OR  CHARINDEX( CHAR(39),FirstName) > 0

ORDER BY FullName

GO

 

SELECT * FROM Person

GO

/* Result

 

BusinessEntityID        FullName

2376                    Claire O'Donnell

1551                    Michael O'Connell

827                     Reuben D'sa

78                      Reuben D'sa

1557                    Robert O'Hara

767                     Thierry D'Hers

12                      Thierry D'Hers

1553                    Tim O'Brien

1555                    Tina O'Dell

*/

 

-- Double up single quotation mark (apostrophe) within the quotes

-- SQL like

SELECT * FROM Person

WHERE FullName LIKE '%O''Brien'

GO

-- Result: 1553   Tim O'Brien

 

-- Use char(39) to replace single quotes in the text

-- SQL pattern match

SELECT * FROM Person

WHERE FullName LIKE '%O'+CHAR(39)+'Brien'

GO

-- Result: 1553   Tim O'Brien

 

-- This will fail

SELECT * FROM Person

WHERE FullName = 'Tim O'Brien'

GO

-- '

/*

Msg 102, Level 15, State 1, Line 2

Incorrect syntax near 'Brien'.

Msg 105, Level 15, State 1, Line 2

Unclosed quotation mark after the character string ''.

*/

-- Double up apostrophe for proper filtering -- successful filtering

SELECT * FROM Person

WHERE FullName = 'Tim O''Brien'

GO

 

-- SQL char 39  - explicit string concatenation - successful filtering

DECLARE @FullName varchar(50) = 'Tim O'+CHAR(39)+'Brien'

SELECT * FROM Person

WHERE FullName = @FullName

GO

 

-- Execute cleanup action

DROP TABLE Person

GO

------------

-- ESCAPE character in LIKE string

------------

DECLARE  @Test TABLE (  Col1 varchar(255) );

INSERT @Test VALUES ('General discount is 20-35% off'),

('Weekly discount is .08-.14 off');

 

SELECT Col1 FROM @Test WHERE Col1 LIKE '%20-35!% off%' ESCAPE '!';

GO

-- General discount is 20-35% off

------------

------------

-- Multiple quotes within quotes

------------

/*

To make it sp_MSforeachdb input parameter

      1. Enclose query in single quotes

      2. Double up single quotes within the query

      3. Replace AdventureWorks2008 with ?

 

If 'AdventureWorks2008' Not In ('tempdb', 'master', 'model', 'msdb')

Begin

Use AdventureWorks2008;

Select DatabaseName=DB_Name(), ForEachDBName='AdventureWorks2008'

End;

*/

-- SQL for each db

exec sp_MSforeachdb 'If ''?'' Not In (''tempdb'', ''master'', ''model'', ''msdb'')

Begin

Use ?;

Select DatabaseName=DB_Name(), ForEachDBName=''?''

End ';

 

/* Partial results

 

DatabaseName                  ForEachDBName

ReportServer$MSSQL2008  ReportServer$MSSQL2008

*/

------------

 

Exam Prep 70-461
Exam 70-461
DATETIME SELECT SELECT INTO DATE PAD STRING DYNAMIC SQL CURSOR MONEY FORMAT PERCENT STORED PROCEDURE SQL SERVER AGENT JOB OPTIMIZATION WHILE LOOP OVER PARTITION BY UPDATE