如何解析T SQL中的特殊字符

时间:2014-11-11 04:46:41

标签: sql-server function tsql sql-function

我正在编写一个SQL Server函数,该函数应该解析输入字符串并在其上应用一些函数, 输入中的某些字符为"'。如何在功能中识别它们?

Declare @Str varchar(300)
Declare @CurrentChar char    --("A" OR "B") AND "C"

DECLARE @POSITION INT

SET @POSITION = 0
DECLARE @FLAG INT
SET @FLAG= 0

declare @colName varchar(15)
declare @SearchKeyWord varchar(200)
set @colName='article_title'
set @SearchKeyWord='"A" and "B"'

WHILE @POSITION <LEN(@SearchKeyWord) 
    BEGIN

        SET @CurrentChar =  SUBSTRING(@SearchKeyWord,@POSITION+1,@POSITION+2)
        print 'CurrentChar ' +  @CurrentChar
*       if @CurrentChar = ('"')
            BEGIN
                IF (@FLAG=0) 
                    BEGIN
                        SET @FLAG=1;
                        SET @Str = @Str + @colName + ' LIKE ''%';   
                    END 
                ELSE --FLAG=1 : end of the parsing word
                    BEGIN
                        SET @FLAG = 0 ;
                        SET @Str = @Str + '%'' ';   
                    END

            print 'str: ' +  @Str
            END
        if (@CurrentChar = (' ') OR @CurrentChar = ('(') OR @CurrentChar = (')') OR     (ASCII(@CurrentChar) BETWEEN 65 and 90) OR (ASCII(@CurrentChar) BETWEEN 97 and 122) OR (ASCII(@CurrentChar) BETWEEN 48 and 57))
            BEGIN
                    --print 'else'
                    SET @Str = @Str + @CurrentChar ;    

            print 'str: ' +  @Str
            END


        SET @POSITION = @POSITION + 1
    END

4 个答案:

答案 0 :(得分:1)

而不是在所有特殊字符中单引号,在Sqlserver端,没有问题,你将面临。

唯一的单引号,只要你有单引号,你可以用双单引号代替。所以sql将使用单引号执行。

Declare @Str varchar(300)
Declare @CurrentChar char    --("A" OR "B") AND "C"

DECLARE @POSITION INT = 0

DECLARE @FLAG INT = 0

declare @colName varchar(15) = 'article_title'
declare @SearchKeyWord varchar(200) = '"A" ''and "B"' --I added here the single quote(') and its works


WHILE @POSITION <LEN(@SearchKeyWord) 
    BEGIN

        SET @CurrentChar =  SUBSTRING(@SearchKeyWord,@POSITION+1,@POSITION+2)
        print 'CurrentChar ' +  @CurrentChar
        if @CurrentChar = ('"')
            BEGIN
                IF (@FLAG=0) 
                    BEGIN
                        SET @FLAG=1;
                        SET @Str = @Str + @colName + ' LIKE ''%';   
                    END 
                ELSE --FLAG=1 : end of the parsing word
                    BEGIN
                        SET @FLAG = 0 ;
                        SET @Str = @Str + '%'' ';   
                    END

            print 'str: ' +  @Str
            END
        if (@CurrentChar = (' ') OR @CurrentChar = ('(') OR @CurrentChar = (')') OR     (ASCII(@CurrentChar) BETWEEN 65 and 90) OR (ASCII(@CurrentChar) BETWEEN 97 and 122) OR (ASCII(@CurrentChar) BETWEEN 48 and 57))
            BEGIN
                    --print 'else'
                    SET @Str = @Str + @CurrentChar ;    

            print 'str: ' +  @Str
            END


        SET @POSITION = @POSITION + 1
    END

这里我在使用C#代码和Sql过程时给出了一些解释。

--****suppose you want to check via sp, ****--
--alter procedure get_thedataWithParameterValueHaveSpecialChar
--(
declare @stringParameter Varchar(50) --suppose you passing the value from c# is : "a'b\"c"
print @stringParameter --will show at 
--)
--as
--begin
declare @find nvarchar(500), @replace nvarchar(500)
    Set @find =''+ char(39) +''  --this is the ascii value of single quote            
    Set @replace = ''+char(39)+char(39)+''

    Set @stringParameter =  '"'+ replace(@stringParameter,@find,@replace)  +'*"'                
print @stringParameter --will show the double single quote

--end   

答案 1 :(得分:0)

单引号(')的转义字符是单引号(')本身。 对于双引号(“),您可以按原样使用它。

试试这个

DECLARE @sStr varchar(10)

SET @sStr = ''''

If @sStr = ('''')
    SELECT 'Str is '''
ELSE IF @sStr = ('"')
    SELECT 'Str is "'
ELSE 
    SELECT 'Other char'

答案 2 :(得分:0)

我的问题是别的什么

我应该在进入While循环

之前设置Str
set @Str = '';

:)

答案 3 :(得分:0)

CREATE TABLE SPECIAL_CH (S_CH VARCHAR(10))
INSERT INTO SPECIAL_CH
VALUES (''''),(';'),('"'),('<')

CREATE TABLE USER_TABLE (ID INT identity primary key,STRING VARCHAR(50))

INSERT INTO USER_TABLE
VALUES ('nothingin2'),('nothingin3'),('"charhere'),('charhere<'),('nothingin')

/*Multiple chars in string*/
INSERT INTO USER_TABLE
VALUES ('charshere<"')

/* USE [YourDB]
   GO SET ANSI_NULLS ON
   GO SET QUOTED_IDENTIFIER ON
   GO

ALTER FUNCTION dbo.FindS_CH (@input VARCHAR(255))
returns VARCHAR(255)
AS BEGIN

DECLARE @RETURN VARCHAR(255)
SET @RETURN = (SELECT  x.RESULT
                    FROM
                    (SELECT @input AS STRING) p
                    CROSS APPLY (select 
REPLACE(stuff((select ', ' + cast(S_CH as varchar(512))
        from SPECIAL_CH c 
        where p.STRING LIKE '%'+ c.S_CH +'%' 
        for xml path('')),1,2,''),'&lt','') as RESULT) x)

RETURN @RETURN
END
END*/




SELECT ID,STRING ,dbo.FindS_CH(STRING)
FROM USER_TABLE