我如何绕过"'"在SQLite和C#的问题吗? [英] How do I get around the "'" problem in sqlite and c#?
问题描述
我在Microsoft Visual C#2008年工作前preSS的SQLite。
I'm working in Microsoft Visual C# 2008 Express with Sqlite.
据我所知,一个apostrope(')在我的文字有一个查询问题。我的问题是,我想我可以用\\替换。它似乎并不奏效......这里是我的code的parred下来例如:
I understand that an apostrope (') in my text has problems in a query. My problem is that I thought I could replace it with \'. It doesn't seem to be working... Here's a parred down example of my code:
string myString = "I can't believe it!";
cmd.CommandText = "Insert into myTable (myid,mytext) values (1,'" + myString.Replace("'","\\'") + "');";
我得到的错误是:
SQLite的错误:
附近的T:语法错误
The error I get is: SQLite error: near "t": syntax error
我试过几个其他的替代品......像其他斜线。我写我的字符串和我的字符串的替换版本到控制台,以确保它出来的权利。
I've tried a couple other replacements... like the other slash. And I wrote my string and a replaced version of my string out to the console to make sure it was coming out right.
什么愚蠢的错误我是做在这里?
What stupid error am I making here?
谢谢!
-Adeena
推荐答案
由罗伯特·psented解决方案$ P $会工作(如更换
按)。
The solution presented by Robert will work (i.e. replacing '
by ''
).
另外,您可以使用参数为:
Alternatively you can use parameters as in:
DbCommand cmd = new DbCommand();
DbParameter param = cmd.CreateParameter();
// ...
// more code
// ...
cmd.CommandText = "Insert table (field) values (@param)";
param.ParameterName = "param"
param.DbType = DbType.String;
param.Value = @"This is a sample value with a single quote like this: '";
cmd.Parameters.Add(param);
cmd.ExecuteNonQuery();
这篇关于我如何绕过"'"在SQLite和C#的问题吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!