[encode_sqlfull]
| Link | encode_sqlfull |
| Author | Jolle Carlestam |
| Category | Database |
| Version | 9.x |
| License | Public Domain |
| Posted | 03 Oct 2011 |
| Updated | 03 Oct 2011 |
| More by this author... | |
Description
Alternative to encode_sql that also deals with escaping % and _ so that the resulting string can be safely used when creating sql queries with LIKE sections.
See Bil Corrys talk from LDC Chicago 2008: All Your Base Are Belong To Us
Only needed when dealing with SQL queries using LIKE statements (or any of the other pattern- matching queries that recognize “%” and “_”).
Sample Usage
var(sql = 'SELECT *
FROM mydb.mytable
WHERE
myfield LIKE "' + encode_sqlfull(action_param('myvalue')) + '%"')
Source Code
Click the "Download" button below to retrieve a copy of this tag, including the complete documentation and sample usage shown on this page. Place the downloaded ".inc" file in your LassoStartup folder, restart Lasso, and you can begin using this tag immediately.
encodesql_full()::string => {
local(text = string(self))
#text -> replace(regexp(`(["'\\])`), `\\\1`) & replace('\0', `\0`)
#text -> replace(`%`, `\%`)
#text -> replace(`_`, `\_`)
return #text
}
define encode_sqlfull(text::string) => #text -> encodesql_full
?>
Comments
No comments