patternsqlModerate
Escaping T-SQL Keywords
Viewed 0 times
sqlescapingkeywords
Problem
$sql = "SELECT Kill FROM tbl_pvporderview";Problem is that I end up with:
Incorrect syntax near the keyword 'Kill'.Because
kill is a T-SQL command... any way to bypass it?I can't change the column name because it's used by the software a lot and I cant change the software that's using the database.
So it simply fails if I use
sqlserv to select data from that column. '' or "" wont help.The complete statement would be:
$sql = "SELECT serial,Kill FROM tbl_pvporderview WHERE Kill > (?) ORDER BY Kill DESC ";Solution
If you want to use reserved words as table or column names, you have 2 options:
use brackets (the SQL-Server's way):
or double-quotes* (the ANSI/ISO standard):
Your whole statement would become:
*: Of course, using double quotes (
use brackets (the SQL-Server's way):
SELECT [Kill] or double-quotes* (the ANSI/ISO standard):
SELECT "Kill"Your whole statement would become:
SELECT [serial], [Kill]
FROM tbl_pvporderview
WHERE [Kill] > (?)
ORDER BY [Kill] DESC ;*: Of course, using double quotes (
SELECT "Kill") would necessitate that QUOTED_IDENTIFIER is ON. You may encounter databases that the setting is still SET OFF.Code Snippets
SELECT [serial], [Kill]
FROM tbl_pvporderview
WHERE [Kill] > (?)
ORDER BY [Kill] DESC ;Context
StackExchange Database Administrators Q#22989, answer score: 13
Revisions (0)
No revisions yet.