MySQL in a Nutshell

Name

QUOTE( )

Synopsis

QUOTE(string)

This function returns a value as an input-safe string for a given string enclosed in single quotes. Single quotes, backslashes, ASCII NULLs, and Ctrl-Zs contained in the string are escaped with a backslash. This is a useful security measure when accepting values from a public web interface.

SELECT QUOTE(course_name) AS Courses
FROM courses
WHERE course_name LIKE "%'%" LIMIT 1;
+-------------------+
| Courses           |
+-------------------+
| Works of O\'Henry |
+-------------------+

In the WHERE clause of this SQL statement, the LIKE operator is used to find courses with a single quote in their names. The % is a wildcard. Because of the QUOTE() function, the single quote in the field returned is escaped with a backslash.

Get MySQL in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

MySQL in a Nutshell by Russell J.T. Dyer

Name

Synopsis

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly