When I try this:
db = 'ACS-Sociodemographics(USA,CensusBlockGroups,2018)'
ctx.cursor().execute(f"USE DATABASE {db}")
I get this error:
ProgrammingError: 001003 (42000): SQL compilation error:
syntax error line 1 at position 16 unexpected '-'.
Is there a recommended way to pass a string with reserved characters?
Yes, the db name needs to be encased in double quotes. To make life easier, wrap the whole thing in single quotes like so:
ctx.cursor().execute(f'USE DATABASE "{db}"')
Related
Snowflake allows table names to contain special characters, as long as the table name is surrounded by double quotes.
However, I'm having trouble referring to the internal stage for such tables. Double quotes don't seem to work when referring to these stages.
Example:
CREATE TABLE "cars (sedan)" (myint int)
Attempts to refer the internal stage for this table will fail (this was done on snowflake's online console):
LIST #%"cars (sedan)"
or
PUT file:///tmp/myfile.csv #%"cars (sedan)"
error message (for LIST):
SQL compilation error: syntax error line 1 at position 13 unexpected '('.
If the table name was something nice (like "cars"), then the query will succeed.
What is the proper way to refer to these stages?
Try wrapping it in single quotes:
list '#%"cars (sedan)"'
Alternatively, you may also use $$ for enclosing the identifier and #%, as below:
ls $$#%"cars (sedan)"$$;
According to the documentation, when copying data from files in a table stage, the FROM clause can be omitted because Snowflake automatically checks for files in the table stage.
Could you omit the FROM since the name is throwing the error?
How do you escape strings for SQLite table names in c?
I find a document, but it do not tell me the detail https://www.sqlite.org/lang_keywords.html
And this document says that sql is end with '\x00' https://www.sqlite.org/c3ref/prepare.html
Here is the similar question in python: How do you escape strings for SQLite table/column names in Python?
Identifiers should be wrapped in double quotes if they need escaping, with all double quotes in them escaped by doubling up the quotes. bad"name" needs to become "bad""name" to be used in a SQL statement.
Sqlite comes with custom versions of *printf() functions that include formats for escaping sql identifiers and strings (Which use single quotes in SQL). The one that does the escaping of double quotes for identifiers is %w:
char *sanitized_ddl = sqlite3_mprintf("CREATE TABLE \"%w\"(\"%w\", \"%w\");",
"bad\"name", "foo bar", "baz");
Ideally, though, you're not going to use table or column names that need escaping, but it's good practice to escape user-supplied names to help protect against SQL injection attacks and the like.
Example:
example to 'example'
'a to '''a'
Detail:
Do not use the byte value 0 in the string.It will return an error like unrecognized token: "'" even if you pass the correct zSql len to sqlite3_prepare_v2().
Replace ' to '' in the string, add ' to the start and the end to the string. ' is single quote (byte 39).
It is not recommend to use invalid utf8 string. The string do not need to be valid utf8 string according to the parse code in sqlite3 version 3.28.0 . I have tested that invalid utf8 string can use as table name, but the document of sqlite3_prepare_v2() says you need SQL statement, UTF-8 encoded
I have write a program to confirm that any byte list with len 1,2 without byte value 0 in it, can use as the table name, and the program can read value from that table, can list the table from the SQLITE_MASTER table in sqlite3 version 3.28.0.
I find it hard to imagine that this question hasn't been asked before, but I couldn't find it.
I would like to use Linq2Db for Sybase and I need to change the identifier quoting characters from [ and ] to " and ", which is what Sybase uses. Is there anyway to do this? I tried looking at the linq2db source code once and it appears that these characters are hard coded, but I'm not sure (I think it would be silly to hard code them). Using Linq2db as it comes always produces errors around the "[" when Sybase executes the queries.
This is Sybase ASE 12.5, and it does not like [];
Here are some sample queries and the error message:
set quoted_identifier on
select * from "client" where clnt_id=140
select * from [client] where clnt_id=140
the first query works, but the second gives:
Incorrect syntax near '['. [SQLCODE=102, SQLSTATE="42000", Server=testtrng_ss1, Severity Level=15, State=1, Transaction State=1, Line=3]
Am having issues with escaping parts of strings in SQL. On example is:
SELECT TOP 10000 *
FROM experience
WHERE name IS
'AT&T'
Which is saying incorrect syntax near Incorrect syntax near 'AT'. Seems its an issue with the & - is there any general rule to escaping?
Have also tried
SELECT TOP 10000 *
FROM experience
WHERE name Like
'AT&\T'
This works, although gives no results (there are results which should come up)
The only character that needs escaping in a string literal is the single quote. '. This is escaped by doubling them up instead of with a backslash.
SELECT 'O''Reilly'
In the vast majority of cases you should be using parameterised queries anyway and never need to even do that.
The correct operator to use is =
SELECT TOP 10000 *
FROM experience
WHERE name = 'AT&T'
Works Fine SQL Fiddle Demo
IS is only used in conjunction with [NOT] NULL
The only special significance backslash has in a string literal is if immediately before a line break when it acts as a line continuation character.
PRINT 'This is all \
one line'
Returns
This is all one line
I am run into trouble.If type in Single-Double quotes in search statement will raise up a error,My sql statement like this:
SELECT UsersID,Sex,Age FROM dbo.UserBasicInfo WHERE
CONTAINS(PositionDesired,'"*"JAVA*"')
The error message:
Msg 7630, Level 15, State 3, Line 1
Syntax error near 'JAVA*' in the full-text search condition '"*"JAVA*"'.
Assume that the result must contains Single-Double quotes like: "JAVA"PHP" How to do?
Thanks !
You have an extra embedded double quote:
CONTAINS(PositionDesired,'"*"JAVA*"')
----------------------------^
This effectively terminates the string early, and SQL Server doesn't understand what that extra stuff is.
Should be (I think, not a full-text guru):
CONTAINS(PositionDesired,'"*JAVA*"')
However, I think that will eliminate the error, but not return the results you are after, since punctuation is ignored. You may have to use a combination of CONTAINS and LIKE, e.g.:
CONTAINS(PositionDesired,'JAVA')
AND PositionDesired LIKE '%"JAVA"%'
Or for the new requirement you've added:
CONTAINS(PositionDesired,'JAVA PHP')
AND PositionDesired LIKE '%"JAVA"PHP%"'
In the LIKE clause you don't have to worry about escaping or doubling-up the double quote, because it isn't a string delimiter there.
Hopefully the CONTAINS clause will filter results first, but even in a normal query there is no guarantee of short-circuiting or order of evaluation; I have no idea about a query with full-text and standard filters.