0

I use the sqlite-porter with importSqlToDb(). But now I have problem with single quota or with back slash in the string. Is there a solution for that?

Becouse I have to write the sql query like this : "INSERT INTO Artist(Id,Title) VALUES ('1','Fred's ball \ shoe');"; and can not use parameter.

Thanks in advance

Dario M.
  • 331
  • 6
  • 16

1 Answers1

0

Single quotes in values should be escaped by using double single quotes in SQLite (see here). Backslashes are fine as literals. So you should use:

 "INSERT INTO Artist(Id,Title) VALUES ('1','Fred''s ball \ shoe');";

The example project for cordova-sqlite-porter contains a complex example which illustrates use of both single quotes and backslashes in value strings, for example:

INSERT INTO [Artist] ([ArtistId], [Name]) VALUES (88, 'Guns N'' Roses');

INSERT INTO [Track] ([TrackId], [Name], [AlbumId], [MediaTypeId], [GenreId], [Composer], [Milliseconds], [Bytes], [UnitPrice]) VALUES (3435, 'Cavalleria Rusticana \ Act \ Intermezzo Sinfonico', 302, 2, 24, 'Pietro Mascagni', 243436, 4001276, 0.99);
Community
  • 1
  • 1
DaveAlden
  • 28,327
  • 11
  • 83
  • 137
  • Hi, yes that is right! But I get this string from a service, wich brings it like ' Guns N' Roses'. So if I create the sql query with parameters, there will be no problem, becouse it will handle the single quotes. I can't use regex to replace the single quote, becouse this string which i receive from the service can contain html tags like "
    bla bla this
    ". Is there a function which edit this string like a I would insert with params?     – Dario M. Mar 02 '16 at 09:13
  • Regardless of how you do it, you will need to double escape the single quotes in values. You can use a regex, even if they are contained in HTML. It just needs to ignore single quotes in attributes. Something like this: `/>(?:[^ – DaveAlden Mar 02 '16 at 09:25