Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: users using &, ", ', and other chars in input fields
Chris O wrote:
>>I see no evidence of dynamic SQL having anything to do with the OP's
>>question. Perhaps this is my error but what I saw was:
>>
>>SQL> CREATE TABLE test (
>> 2 testcol VARCHAR2(20));
>>
>>SQL> insert into test values (TRANSLATE('ABC&DEF', 'A&', 'A'));
>>
>>1 row created.
>>
>>SQL> select * from test;
>>
>>TESTCOL
>>--------------------
>>ABCDEF
>>
>>SQL>
>>
>>Ampersand stripped out.
>>
>>--
>>Daniel Morgan
> > Hi Daniel. > > As I read it, there were two examples given. > > The first was this: >
> > the >
> > which implies to me that their application is constructing the SQL insert > statement dynamically. > > Cheers Chris
Perhaps. I was thinking more that it was something like:
Enter Company Name: [ ]
and the end-user entered:
Enter Company Name: [Smith & Co. ]
-- Daniel Morgan http://www.outreach.washington.edu/ext/certificates/oad/oad_crs.asp http://www.outreach.washington.edu/ext/certificates/aoa/aoa_crs.asp damorgan_at_x.washington.edu (replace 'x' with a 'u' to reply)Received on Fri Jan 30 2004 - 09:20:55 CST