Real Software Forums

The forum for Real Studio and other Real Software products.
[ REAL Software Website | Board Index ]
It is currently Fri Aug 17, 2018 10:10 pm
xojo

All times are UTC - 5 hours




Post new topic Reply to topic  [ 7 posts ] 
Author Message
 Post subject: Encode Strings for MySQL
PostPosted: Thu Oct 06, 2005 1:55 pm 
Offline

Joined: Thu Oct 06, 2005 1:50 pm
Posts: 15
Location: Oregon, US
Hi, can anyone tell me if RB has a function to make text strings SQL safe for Inserts? Something similar to PHP's mysql_real_escape_string() would be nice. If not would creating a method with RegEx be the best solution?

Basically I want to escape all quotes from user input values and other sources.

Thanks in advance

_________________
Chris
TeamMASCOT.com
NFL, NCAA, NBA, MLB, NASCAR & NHL Licensed Merchandise


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Oct 06, 2005 2:33 pm 
Offline
User avatar

Joined: Wed Sep 28, 2005 8:39 am
Posts: 9341
Location: St Augusta, MN
Moved into the Databases forum for accuracy.


Top
 Profile  
Reply with quote  
 Post subject: Re: Encode Strings for MySQL
PostPosted: Thu Oct 06, 2005 3:39 pm 
Offline

Joined: Wed Sep 28, 2005 8:30 am
Posts: 5479
Location: Austin, TX
teammascot wrote:
Hi, can anyone tell me if RB has a function to make text strings SQL safe for Inserts? Something similar to PHP's mysql_real_escape_string() would be nice. If not would creating a method with RegEx be the best solution?

Basically I want to escape all quotes from user input values and other sources.

Thanks in advance



There isn't anything built in but it wouldn't be hard to write your own. You could do something like this (note I do not know what all should be escaped in mysql but this will give you an idea):

Function EscapeSQLData(data as string) as string
data = replaceAll(data,"","\")
data = replaceAll(data,"'","\'")
data = replaceAll(data,chr(34),""+chr(34))
return data
End Function


Hope this helps.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Oct 06, 2005 4:12 pm 
Offline

Joined: Thu Oct 06, 2005 1:50 pm
Posts: 15
Location: Oregon, US
Perfect, exactly what I was looking for:-) Thanks, I don't know how I missed the replaceAll function.

How appropriate a Noles fan would have the answer.

Thanks again.

_________________
Chris
TeamMASCOT.com
NFL, NCAA, NBA, MLB, NASCAR & NHL Licensed Merchandise


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Oct 06, 2005 4:39 pm 
Offline

Joined: Wed Sep 28, 2005 8:30 am
Posts: 5479
Location: Austin, TX
teammascot wrote:
Perfect, exactly what I was looking for:-) Thanks, I don't know how I missed the replaceAll function.

How appropriate a Noles fan would have the answer.

Thanks again.



I had to go check out your website after I answered your post. May have to do some business there soon!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Oct 06, 2005 9:20 pm 
Offline

Joined: Sat Oct 01, 2005 9:55 am
Posts: 527
And if you need a method to do the reverse:
Function UnEscapeSQLData(data as string) as string
data = replaceAll(data,"\'","'")
data = replaceAll(data,"\"+chr(34),chr(34))
data = replaceAll(data,"\\","\")
return data
End Function


Note that when escaping, the escape character itself should be handled first; in un-escaping, it should be handled last.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Oct 07, 2005 7:25 am 
Offline

Joined: Fri Sep 30, 2005 8:33 am
Posts: 103
Location: Houston, TX
You could also use EncodeBase64 and DecodeBase64 if you wanted built in functions. However this would leave the data in the database in an unhuman readable format.

Just a thought,

Kev

_________________
Beware Geeks bearing GIFs


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 7 posts ] 

All times are UTC - 5 hours


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group