why we use multiple single quotes in dynamic sql query

Question

0.00/5 (No votes)

See more:

SQL

exec(
''SELECT CASE SERVERPROPERTY(''''IsFullTextInstalled'''')
	WHEN 1 THEN 
		CASE DatabaseProperty (DB_NAME(DB_ID()), ''''IsFulltextEnabled'''')
		WHEN 1 THEN 1
		ELSE 0
		END
	ELSE 0
	END
''
)

can any one explain why, in the above query, they are using multiple single quotes in the select statement?

Posted 23-Oct-15 1:07am

Bala Chandra C

Updated 23-Oct-15 5:49am

Matthew Dennis

v2

Add a Solution

3 solutions

Solution 3

An observation on the code you presented - when I paste it into a query window I get errors

Quote:
Msg 156, Level 15, State 1, Line 2
Incorrect syntax near the keyword 'SELECT'.
Msg 102, Level 15, State 1, Line 2
Incorrect syntax near 'IsFullTextInstalled'.

Those extra double quotes at the start and end of the code should not be there. If removed the code produces the text

SQL

SELECT CASE SERVERPROPERTY(''IsFullTextInstalled'')
    WHEN 1 THEN
        CASE DatabaseProperty (DB_NAME(DB_ID()), ''IsFulltextEnabled'')
        WHEN 1 THEN 1
        ELSE 0
        END
    ELSE 0
    END

which still produces the error. I think the code should read

SQL

exec(
'SELECT CASE SERVERPROPERTY(''IsFullTextInstalled'')
    WHEN 1 THEN
        CASE DatabaseProperty (DB_NAME(DB_ID()), ''IsFulltextEnabled'')
        WHEN 1 THEN 1
        ELSE 0
        END
    ELSE 0
    END
    ')

A technique I sometimes employ to avoid long streams of single quotes is to use CHAR(39) to represent the single quote that needs to be in the dynamic query E.g.

SQL

DECLARE @DynamicQuery Nvarchar(max) =
'SELECT CASE SERVERPROPERTY(' + CHAR(39) + 'IsFullTextInstalled' + CHAR(39) + ')
    WHEN 1 THEN
        CASE DatabaseProperty (DB_NAME(DB_ID()),' + CHAR(39) + 'IsFulltextEnabled' + CHAR(39) + ')
        WHEN 1 THEN 1
        ELSE 0
        END
    ELSE 0
    END
'
EXEC sp_executesql  @DynamicQuery

Posted 23-Oct-15 3:06am

CHill60

Solution 1

Refer this link for your answer bro

http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=179130[^]

another thing to Understand this

<br />
<br />
SELECT columns from mytable where col ='Lifco's'<br />
<br />
When you specify a value which has single quote, you need to double it<br />
<br />
SELECT columns from mytable where col ='Lifco''s'<br />
<br />
The following may be helpful (Run and see the result)<br />
<br />
SELECT '','''','''''','''''''',''''''''''<br />
<br />
When you use a static sql and express a value in a single quote then first and last sigle quotes specify that the value is a string. Then within those single quotes every double single quotes represent a single single quote<br />
<br />
When you use a Dynamic sql then first and last sigle quotes specify that it is a dynamic sql. Then within those single quotes every double single quotes specify that it is a string.Then within those single quotes every four single quotes represent a single single quote<br />
<br />
Run and see the result<br />
<br />
EXEC('SELECT '''','''''''','''''''''''','''''''''''''''',''''''''''''''''''''')

Posted 23-Oct-15 1:54am

Surendra0x2

v3

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2015-10-23T01:35:00

Simple: single quote is the string start-and-end indicator, so if you want to include a single quote in the string, you have to use two of them together.
So if you are trying to generate a string that contains a single quote it's simple:

'AB''CD'

But you are trying to generate a string that will be executed, so it needs double quotes as well to prevent it being taken as a terminator there:

'''AB''''CD'''

Passes a string containing

'AB''CD'

for execution.