Execute the following
scripts in Query Editor to demonstrate various examples to deal with quote within quote issue.
USE tempdb;
-- Search names for single quotes - CHAR(39)
SELECT BusinessEntityID,
FullName = FirstName + ' ' + LastName
INTO Person
FROM AdventureWorks2008.Person.Person
WHERE CHARINDEX( CHAR(39), LastName) > 0
OR CHARINDEX( CHAR(39),FirstName) > 0
ORDER BY FullName
GO
SELECT * FROM Person
GO
/* Result
BusinessEntityID FullName
2376 Claire O'Donnell
1551 Michael O'Connell
827 Reuben D'sa
78 Reuben D'sa
1557 Robert O'Hara
767 Thierry D'Hers
12 Thierry D'Hers
1553 Tim O'Brien
1555 Tina O'Dell
*/
-- Double up single quotation mark (apostrophe) within the quotes
-- SQL like
SELECT * FROM Person
WHERE FullName LIKE '%O''Brien'
GO
-- Result: 1553 Tim O'Brien
-- Use char(39) to replace single quotes in the text
-- SQL pattern match
SELECT * FROM Person
WHERE FullName LIKE '%O'+CHAR(39)+'Brien'
GO
-- Result: 1553 Tim O'Brien
-- This will fail
SELECT * FROM Person
WHERE FullName = 'Tim O'Brien'
GO
-- '
/*
Msg 102, Level 15, State 1, Line 2
Incorrect syntax near 'Brien'.
Msg 105, Level 15, State 1, Line 2
Unclosed quotation mark after the character string ''.
*/
-- Double up apostrophe for proper filtering -- successful filtering
SELECT * FROM Person
WHERE FullName = 'Tim O''Brien'
GO
-- SQL char 39 - explicit string concatenation - successful filtering
DECLARE @FullName varchar(50) = 'Tim O'+CHAR(39)+'Brien'
SELECT * FROM Person
WHERE FullName = @FullName
GO
-- Execute cleanup action
DROP TABLE Person
GO
------------
-- ESCAPE character in LIKE string
------------
DECLARE @Test TABLE ( Col1 varchar(255) );
INSERT @Test VALUES ('General discount is 20-35% off'),
('Weekly discount is .08-.14 off');
SELECT Col1 FROM @Test WHERE Col1 LIKE '%20-35!% off%' ESCAPE '!';
GO
-- General discount is 20-35% off
------------
------------
-- Multiple quotes within quotes
------------
/*
To make it sp_MSforeachdb input parameter
1. Enclose query in single quotes
2. Double up single quotes within the query
3. Replace AdventureWorks2008 with ?
If 'AdventureWorks2008' Not In ('tempdb', 'master', 'model', 'msdb')
Begin
Use AdventureWorks2008;
Select DatabaseName=DB_Name(), ForEachDBName='AdventureWorks2008'
End;
*/
-- SQL for each db
exec sp_MSforeachdb 'If ''?'' Not In (''tempdb'', ''master'', ''model'', ''msdb'')
Begin
Use ?;
Select DatabaseName=DB_Name(), ForEachDBName=''?''
End ';
/* Partial results
DatabaseName ForEachDBName
ReportServer$MSSQL2008 ReportServer$MSSQL2008
*/
------------
|