Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
yuhe98
Starting Member
1 Post |
 Posted - 2010-04-23 : 18:17:31
|
| I have to write a storeprocedure to do something. But the parameter i passed in has single quotation in some cases.My store procedure as the following kind of like this.: EXECUTE (@SQL + ' where CustomerAddressBase.city = ''' + @paramCity + ''' and (stateOrProvince = ''' + @state_abbr + ''' or stateOrProvince = ''' + @state_nm + ''') and ' + @paramService + ' = 1') @paramCity and CustomerAddressBase.city both has single quotation in some cases.Then my store procedure will broken.Anybody can help? i really appreciate |
|
|
Lamprey
Master Smack Fu Yak Hacker
4614 Posts |
Posted - 2010-04-23 : 18:32:07
|
| I assume you jsut want to know about the REPLACE function. That youc na use to "fix" up strings that have single quotes in them. However, you should really look up sp_executesql. That is safer than EXECuting dynamic SQL directly. |
 |
|
|
visakh16
Very Important crosS Applying yaK Herder
52326 Posts |
Posted - 2010-04-24 : 01:00:19
|
| http://sqlblogcasts.com/blogs/madhivanan/archive/2008/02/19/understanding-single-quotes.aspx------------------------------------------------------------------------------------------------------SQL Server MVPhttp://visakhm.blogspot.com/ |
|
|
|
|
|
|
Problem with single quotation