Post reply

Adding single quotes in a string

  • April 21, 2016 at 6:24 am

    #313434

    Hi

    DECLARE @Codes nvarchar(500) = 'AZJ,CLC,AZF,DDD'

    -- need result like this

    'AZJ','CLC','AZF','DDD'

    without substring function is it possible to get the result.

    Thanks

  • April 21, 2016 at 6:28 am

    #1873570

    You just need to use REPLACE and escape the single quotes.

    DECLARE @Codes nvarchar(500) = 'AZJ,CLC,AZF,DDD'

    SELECT REPLACE(@Codes, ',', ''',''')

    Are you doing this for dynamic sql coding? Are you aware of sql injection and all the perils it involves?

    Luis C.
    General Disclaimer:
    Are you seriously taking the advice and code from someone from the internet without testing it? Do you at least understand it? Or can it easily kill your server?

    How to post data/code on a forum to get the best help: Option 1 / Option 2

  • April 21, 2016 at 6:32 am

    #1873572

    Luis Cazares (4/21/2016)

    You just need to use REPLACE and escape the single quotes.

    DECLARE @Codes nvarchar(500) = 'AZJ,CLC,AZF,DDD'

    SELECT REPLACE(@Codes, ',', ''',''')

    Are you doing this for dynamic sql coding? Are you aware of sql injection and all the perils it involves?

    You missed the first and last.

    DECLARE @Codes NVARCHAR(500) = 'AZJ,CLC,AZF,DDD';

    SELECT CONCAT('''', REPLACE(@Codes, ',', ''','''), '''');

    The absence of evidence is not evidence of absence
    - Martin Rees
    The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
    - Phil Parkin

  • April 21, 2016 at 6:34 am

    #1873576

    if you are working with SQL Server 2016 then there is a new function called STRING_SPLIT ( string , separator )

  • April 21, 2016 at 6:37 am

    #1873579

    NJ Smith (4/21/2016)

    if you are working with SQL Server 2016 then there is a new function called STRING_SPLIT ( string , separator )

    Indeed there is. But I see no string splitting requirement here.

    The absence of evidence is not evidence of absence
    - Martin Rees
    The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
    - Phil Parkin

  • April 21, 2016 at 6:37 am

    #1873580

    Phil Parkin (4/21/2016)

    Luis Cazares (4/21/2016)

    You just need to use REPLACE and escape the single quotes.

    DECLARE @Codes nvarchar(500) = 'AZJ,CLC,AZF,DDD'

    SELECT REPLACE(@Codes, ',', ''',''')

    Are you doing this for dynamic sql coding? Are you aware of sql injection and all the perils it involves?

    You missed the first and last.

    DECLARE @Codes NVARCHAR(500) = 'AZJ,CLC,AZF,DDD';

    SELECT CONCAT('''', REPLACE(@Codes, ',', ''','''), '''');

    Need coffee now.

    Must not post before morning coffee.

    Luis C.
    General Disclaimer:
    Are you seriously taking the advice and code from someone from the internet without testing it? Do you at least understand it? Or can it easily kill your server?

    How to post data/code on a forum to get the best help: Option 1 / Option 2

  • April 21, 2016 at 6:37 am

    #1873581

    Thank you guys

    No i am not using dynamic SQL, just passing it to storeprocedure as a parameter which is used in 'IN' operator.

    one doubt does REPLACE has any performance impact.

    Thanks

  • April 21, 2016 at 6:42 am

    #1873584

    SQL006 (4/21/2016)

    Thank you guys

    No i am not using dynamic SQL, just passing it to storeprocedure as a parameter which is used in 'IN' operator.

    one doubt does REPLACE has any performance impact.

    Thanks

    Every single operation has 'a performance impact'. But IMO, REPLACE is considered fast in the SQL Server world.

    The absence of evidence is not evidence of absence
    - Martin Rees
    The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
    - Phil Parkin

  • April 21, 2016 at 6:46 am

    #1873589

    Luis Cazares (4/21/2016)

    Phil Parkin (4/21/2016)

    Luis Cazares (4/21/2016)

    You just need to use REPLACE and escape the single quotes.

    DECLARE @Codes nvarchar(500) = 'AZJ,CLC,AZF,DDD'

    SELECT REPLACE(@Codes, ',', ''',''')

    Are you doing this for dynamic sql coding? Are you aware of sql injection and all the perils it involves?

    You missed the first and last.

    DECLARE @Codes NVARCHAR(500) = 'AZJ,CLC,AZF,DDD';

    SELECT CONCAT('''', REPLACE(@Codes, ',', ''','''), '''');

    Need coffee now.

    Must not post before morning coffee.

    If it's being used with IN, then that's probably dynamic sql inside the stored procedure.

    REPLACE, as any function needs resources to work, but the impact is minimal unless used on columns in WHERE or JOIN clauses which renders the queries non-SARGable.

    Luis C.
    General Disclaimer:
    Are you seriously taking the advice and code from someone from the internet without testing it? Do you at least understand it? Or can it easily kill your server?

    How to post data/code on a forum to get the best help: Option 1 / Option 2

  • April 25, 2016 at 4:41 pm

    #1874407

    SQL006 (4/21/2016)

    Thank you guys

    No i am not using dynamic SQL, just passing it to storeprocedure as a parameter which is used in 'IN' operator.

    one doubt does REPLACE has any performance impact.

    Thanks

    Based on that you're trying to do with the parameter, You either need to use dynamic sql or split the string into a table...

    The following will NOT work...

    DECLARE @Codes NVARCHAR(500) = N'AZJ,CLC,AZF,DDD';

    DECLARE @CodesReformatted NVARCHAR(500) = CONCAT('''', REPLACE(@Codes, ',', ''','''), '''');

    SELECT

    *

    FROM

    dbo.SomeTable st

    WHERE

    st.Code IN (@CodesReformatted);

Viewing 10 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic. Login to reply