[ic] SQL search problem
Tue, 9 Jan 2001 16:27:57 +0300
how can i trace, in what place Interchange treats variables,
transferred by me from the form?
I test /interchange/lib/vend/table/dbi.pm
and can't do this.
In dbi.pm i can only treat a $query variable (bodily),
and can't change a value for search .
> -----Original Message-----
> From: email@example.com
> [mailto:firstname.lastname@example.org]On Behalf Of msquared
> Sent: Friday, January 05, 2001 5:37 AM
> To: email@example.com
> Subject: Re: [ic] SQL search problem
> On Thu, Jan 04, 2001 at 04:22:32PM +0300, Sergey Sheykin wrote:
> > [query ml=10 more=1 list=1
> > query="
> > select sku, title, price, authors, pubdate, category
> > from products
> > where authors = '[value f_value]'"
> > ]
> > and inside the [value f_value] meets _'_ character,
> > browser show "Internal Server Error" (500), because
> > line of SQL-request terminated on a _'_ -character!
> Most dialects of SQL required you to place two _'_ characters together to
> quote as one _'_ character. For example:
> select sku, title, price, authors, pubdate, category
> from products
> where authors = 'that''s the right way to enter an apostrophe'"
> This would select products where authors is:
> that's the right way to enter an apostrophe
> Now, how you go about making Interchange deal with this, I don't know.
> Anyone else?
> Regards, /|/|
> / | (MSquared)
> M Squared <firstname.lastname@example.org>
> Code monkey (programmer)
> Digital Wizards
> Interchange-users mailing list