backslashing a quote in a string

G

glenn

I have a function call that needs text sent to it for a query. Some fields
require a double quote around the field name so I do my variable as such...

query = "field1 = val1 and \"field2\" = val2";

This is all cool, however, when I send that query string through a function
call it ends up with the following:

query = "field1 = val1 and \\\"field2\\\" = val2";

It backslashes the original backslash that I had to put there in order to
get the compiler to work. Can anyone tell me another way to do this so I
can finish this program? its the last thing I have to figure out...

Thanks,

glenn
 
T

Tim Wilson

Does the following string get you any farther?
string query = @"field1 = val1 and ""field2"" = val2";
 
G

glenn

Well I have been seeing that @ like that and have not figured out what that
is doing, but in this case it won't let me compile after I remove the
backslashes because the double quote throws it off...

glenn
 
T

Tim Wilson

The @ means verbatim or accept the string "as is". The only escapes really
being necessary for quotes. Can you describe your problem in a little more
depth using exact source code snippets where appropriate?
 
G

glenn

Sure thing:

What has happened is I"m working on an old database schema where some of the
fields have spaces in their name. When this happens the database requires
that you put double quotes around the field names when issuing a query. So
here is where I am building the string to make up a query where the user
selects what elements they want to search on. This is only a fragment...

if ( serialbox.Text != "" )

query += "\"Equipment Serial Number\" like '%" + serialbox.Text + "%' ";

before sending this I tested one more time while my brain was fresh and I
think last night that I did not replace the \ with another quote because I
just did it again and its working now. I'm sorry for the trouble. I had
been going since about 5:30am yesterday and it was late...

Thanks for the help,

glenn
 
E

Ed Kaim

Besides the double-quote issue, you should consider the potential security
implications of this code. I don't know what your backend is, but having
someone use something like

';drop foo;select * from foo where bar like '

in the textbox could cause problems down the road.
 
C

Chris Tacke, eMVP

Now that's fun that I never even considered! Time to try breaking the stuff
I already have done.
 
G

glenn

Yes, you are correct, however, this app will only be run on local network
and the code you are seeing is all test code as I'm trying to learn how all
this stuff works. I am very new to webservices and to VS.

Thanks for the pointer though,

glenn
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

How to make a VBA Function return a value in percent format 8
searching a table using multiple criteria 17
flip this query 3
new table from existing table 1
string formatting question 2
Append with Sub query 2
Going slightly mad - Insert sql not working from code but does in Access? 6
Issue building pivot tables with certain names 1

Top