How to insert values with single quote into tables in sql server?

Asked Dec 06 '17 at 10:15

Active Dec 06 '17 at 10:20

Viewed 2,444 times

I have used these identifiers in my proc. But still it fails while inserting any value that contains single quote in it. Can any one help

SET ANSI_NULLS ON;
GO
SET QUOTED_IDENTIFIER ON;
GO

asked Dec 06 '17 at 10:15

Shankar Panda

2

Double quote `''something''` – Ilyes Dec 06 '17 at 10:15
make sure you are representing single quote as `''` while `insert` – Yogesh Sharma Dec 06 '17 at 10:16
That's okay, But procedure takes data from another table and insert into a temporary table. I am not sure if we can replace while inserting – Shankar Panda Dec 06 '17 at 10:19
Keep the data in *variables*/parameters of the appropriate data types. It sounds like, sooner or later, you're injecting your data into queries by performing string concatenation. That leads to "quoting issues" such as the ones you're describing. It's also the source of SQL Injection issues which are one of the worst things you can leave in your code. – Damien_The_Unbeliever Dec 06 '17 at 10:42
True. That's why this issue pops in. I need to find another way – Shankar Panda Dec 06 '17 at 10:43

0 Answers0