Closed IanMayo closed 6 months ago
Hey @IanMayo,
Yes, you should escape it using two single quotations, so instead of O'Brien
you should use O''Brien
.
From SQLite documentation:
(14) How do I use a string literal that contains an embedded single-quote (') character?
The SQL standard specifies that single-quotes in strings are escaped by putting two single quotes in a row. SQL works like the Pascal programming language in this regard. Example:
INSERT INTO xyz VALUES('5 O''clock');
Though we can do this inside Soul itself.
Great, thanks. Hmm, I guess we have a choice on whether to hide or expose this SQL pattern.
I think it would be good if Soul could invisibly handle it, so it's one less thing for the Soul user to think/worry about.
Sure, I'll work on it.
This issue is related to the use of the single-quote character
'
.We can insert a new record containing a single quote, for instance a last-name of
O'Brien
. Soul accepts this.But, it we try to push an edit to the that field, or use the single-quote in a
_search
parameter, Soul returns an error.Here is the
GET
URL:http://localhost:8000/api/tables/invoices/rows?_search=O%27Brien
This is the Soul response:
Does this character need to escaped before it is processed?