在表中插入双引号的字符串 [英] Inserting a string with double quotes into a table
问题描述
我正在使用Oracle 10g,但在向表中插入带双引号的字符串时遇到了问题.这是我的声明
I'm using Oracle 10g and I'm having a problem inserting a string with double quotes into a table. This is my statement
INSERT INTO USERS (ID, NAME, USERNAME) VALUES (NULL, "tes", "hello");
上面的查询失败,错误为此处不允许使用Oracle列" .
The query above fails with the error "Oracle column not allowed here".
如果我将双引号更改为单引号,则如下所示,语句成功.
If I change double quotes to single quotes, as below the statement is successful.
INSERT INTO USERS (ID, NAME, USERNAME) VALUES (NULL, 'tes', 'hello');
但是,我想在表中插入双引号.
But, I want to insert the double quotes into the table.
在插入语句中的字符串中是否可以有双引号?我不想使用REPLACE(),因为我的查询是从数组自动生成的.
Is it possible to have double quote in strings in an insert statement? I don't want to use REPLACE() because my query is automatically generated from an array.
推荐答案
使用双引号表示是列而不是字符串,并且您不能在INSERT语句的VALUES子句中使用列名
A double quote is used to denote a quoted identifier, i.e. an object name that does not solely consist of alpha-numeric characters, $ and #. As an aside, it's recommended that you do not use quoted identifiers. This is the reason for your original ORA-00984 error. Oracle is assuming that "tes" is a column, not a string, and you can't use a column name in the VALUES clause of an INSERT statement, as explained in the error message.
In order to insert the string "tes" into a table you need to ensure that it is quoted correctly:
字符文字用单引号引起来,以便数据库可以将它们与模式对象名称区分开.
Character literals are enclosed in single quotation marks so that the database can distinguish them from schema object names.
任何字符都可以是字符串的一部分,因此,为了在表中插入双引号,您需要将其用单引号引起来.
Any character can be part of a string so in order to insert a double quote into a table you need to enclose it within single quotes.
insert into users (id, name, username)
values (null, '"tes"', '"hello"');
这是一个 SQL小提琴进行演示.
另外要注意的一件事.您声明此查询是自动生成的,这意味着您可能容易受到SQL注入的攻击.我强烈建议阅读防止SQL注入的绑定变量.
One additional thing to note. You state that this query is automatically generated, which means you may be vulnerable to SQL injection. I would highly recommend reading about bind variables in Guarding Against SQL Injection.
这篇关于在表中插入双引号的字符串的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
