Character escape on sql, on side server

Agurtzane

Hi!

I am having some problems with the following query, because the quoted formats are taken as field names. id_periodo is a field in the table. How should I escape the quotes?

$QUERY = 'UPDATE table_tbl SET fecha = :fecha_aux, fecha_fin = to_char(to_timestamp(:fecha_aux, "yyyymmddHH24MISS") + (id_periodo || " month")::interval , "yyyymmddHH24MISS") WHERE id = :id_aux';

$editor->db()->raw()
->bind( ':id_aux', $id_aux )
->bind( ':fecha_aux', $fecha_aux )
->exec( $QUERY );
Thanks

Answers

  • Agurtzane

    Hi!
    I solved it by swapping single and double quotes.
    Also, I included a second parameter for the same field (:fecha_aux2).

    $QUERY = "UPDATE table_tbl SET fecha = :fecha_aux, fecha_fin = to_char(to_timestamp(:fecha_aux2, 'yyyymmddHH24MISS') + (id_periodo || ' month')::interval , 'yyyymmddHH24MISS') WHERE id = :id_aux";

    $editor->db()->raw()
    ->bind( ':id_aux', $id_aux )
    ->bind( ':fecha_aux', $fecha_aux )
    ->bind( ':fecha_aux2', $fecha_aux )
    ->exec( $QUERY );
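
Added example, not part of the original posts: a PostgreSQL session showing the quoting rule behind the fix above, with the values kept as bound parameters rather than pasted into the SQL text. The table definition, column types, sample values and the statement name `upd` are constructed assumptions; `make_interval` is shown as an alternative that avoids building the interval from a string.

```sql
-- Constructed sample table using the column names from the thread.
-- Column types are assumptions; the thread does not state them.
CREATE TEMP TABLE table_tbl (
    id         integer PRIMARY KEY,
    id_periodo integer NOT NULL,      -- period length in months
    fecha      text,
    fecha_fin  text
);
INSERT INTO table_tbl (id, id_periodo) VALUES (1, 3);

-- Double quotes delimit identifiers. Uncommenting the next statement makes
-- PostgreSQL look for a column named yyyymmddHH24MISS and reject the query.
-- SELECT to_timestamp('20240115103000', "yyyymmddHH24MISS");

-- Single quotes delimit string literals, so the format mask and ' month'
-- are plain strings. $1 and $2 are bound parameters: their values never
-- become part of the SQL text, whatever characters they contain.
PREPARE upd (text, integer) AS
UPDATE table_tbl
SET fecha     = $1,
    fecha_fin = to_char(
                    to_timestamp($1, 'yyyymmddHH24MISS')
                    + (id_periodo || ' month')::interval,
                    'yyyymmddHH24MISS')
WHERE id = $2;

EXECUTE upd ('20240115103000', 1);   -- constructed sample values

SELECT id, id_periodo, fecha, fecha_fin FROM table_tbl WHERE id = 1;

-- Same arithmetic without string concatenation: make_interval takes the
-- month count as an integer, so no quoted ' month' literal is needed.
SELECT to_char(
           to_timestamp(fecha, 'yyyymmddHH24MISS')
           + make_interval(months => id_periodo),
           'yyyymmddHH24MISS') AS fecha_fin_alt
FROM table_tbl
WHERE id = 1;

DEALLOCATE upd;
```

Once the PHP string is double-quoted, PHP expands any `$name` inside it before the query reaches the database, so every value should stay in a `bind()` call as in the answer above.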

This discussion has been closed.