HiveBrain v1.2.0
Get Started
← Back to all entries
patternsqlModerate

Escaping T-SQL Keywords

Submitted by: @import:stackexchange-dba··
0
Viewed 0 times
sqlescapingkeywords

Problem

$sql = "SELECT Kill FROM tbl_pvporderview";


Problem is that I end up with: Incorrect syntax near the keyword 'Kill'.

Because kill is a T-SQL command... any way to bypass it?

I can't change the column name because it's used by the software a lot and I cant change the software that's using the database.

So it simply fails if I use sqlserv to select data from that column. '' or "" wont help.

The complete statement would be:

$sql = "SELECT serial,Kill FROM tbl_pvporderview WHERE Kill > (?) ORDER BY Kill DESC ";

Solution

If you want to use reserved words as table or column names, you have 2 options:

use brackets (the SQL-Server's way): SELECT [Kill]

or double-quotes* (the ANSI/ISO standard): SELECT "Kill"

Your whole statement would become:

SELECT [serial], [Kill] 
FROM tbl_pvporderview 
WHERE [Kill] > (?) 
ORDER BY [Kill] DESC ;


*: Of course, using double quotes (SELECT "Kill") would necessitate that QUOTED_IDENTIFIER is ON. You may encounter databases that the setting is still SET OFF.

Code Snippets

SELECT [serial], [Kill] 
FROM tbl_pvporderview 
WHERE [Kill] > (?) 
ORDER BY [Kill] DESC ;

Context

StackExchange Database Administrators Q#22989, answer score: 13

Revisions (0)

No revisions yet.