[ic] SQL search problem

Sergey Sheykin sheich@mosinfo.ru
Tue, 9 Jan 2001 16:27:57 +0300


Dear Msquared,

how can i trace, in what place Interchange treats variables,
transferred by me from the form?

I test /interchange/lib/vend/table/dbi.pm
and can't do this. 

In dbi.pm i can only treat a $query variable (bodily),
and can't change a value for search .

> -----Original Message-----
> From: interchange-users-admin@lists.akopia.com
> [mailto:interchange-users-admin@lists.akopia.com]On Behalf Of msquared
> Sent: Friday, January 05, 2001 5:37 AM
> To: interchange-users@lists.akopia.com
> Subject: Re: [ic] SQL search problem
> 
> 
> On Thu, Jan 04, 2001 at 04:22:32PM +0300, Sergey Sheykin wrote:
> 
> > [query ml=10 more=1 list=1
> >  query="
> >  select sku, title, price, authors, pubdate, category
> >  from products
> >  where authors = '[value f_value]'"
> > ]
> > 
> > and inside the [value f_value] meets _'_ character,
> > browser show "Internal Server Error" (500), because
> > line of SQL-request terminated on a _'_ -character!
> 
> Most dialects of SQL required you to place two _'_ characters together to
> quote as one _'_ character.  For example:
> 
>   query="
>   select sku, title, price, authors, pubdate, category
>   from products
>   where authors = 'that''s the right way to enter an apostrophe'"
> 
> This would select products where authors is:
> 
>     that's the right way to enter an apostrophe
> 
> 
> Now, how you go about making Interchange deal with this, I don't know.
> Anyone else?
> 
>              2
> Regards, /|/|
>         /   | (MSquared)
> -- 
> ___________________________________________
> M Squared  <msquared@digitalwizards.com.au>
> Code monkey (programmer)
> Digital Wizards
> http://www.digitalwizards.com.au
> 
> _______________________________________________
> Interchange-users mailing list
> Interchange-users@lists.akopia.com
> http://lists.akopia.com/mailman/listinfo/interchange-users