AIX | HP-UX | Linux | OS/2 | OS/390 | OS/400 | PTX | SUN | Win NT |
X | X | X | X | X | X | X | X | X |
Purpose
Replaces single quotes in an input string with two single quotes.
Format
@DTW_ADDQUOTE(stringIn, stringOut)
@DTW_rADDQUOTE(stringIn)
@DTW_mADDQUOTE(stringMult, stringMult2, ..., stringMultn)
Parameters
Table 28. DTW_ADDQUOTE Parameters
Data Type | Parameter | Use | Description |
---|---|---|---|
string | stringIn | IN | A variable or literal string. DTW_mADDQUOTE can have multiple input strings. |
string | stringOut | OUT | A variable that contains the modified form of stringIn. |
string | stringMult | INOUT |
|
Return Codes
Table 29. DTW_ADDQUOTE Return Codes
Return Code | Explanation |
---|---|
-1001 | The server could not process a Net.Data request to allocate memory. |
1003 | An incorrect number of parameters were passed on a function call. |
1005 | A parameter passed on a function call, required to be a string variable, was of a different variable type. |
1006 | A literal string was passed on a function call for a parameter which was required to be an output parameter. |
Usage Notes
Consider using this function for all SQL INPUT statements where input is obtained from a Web browser. For example, if you enter O'Brien as a last name, as in the following example, the single quote might give you an error:
INSERT INTO USER1.CUSTABLE (LNAME, FNAME) VALUES ('O'Brien', 'Patrick')
Using the DTW_ADDQUOTE function changes the SQL statement and prevents the error:
INSERT INTO USER1.CUSTABLE (LNAME, FNAME) VALUES ('O''Brien', 'Patrick')
Examples
Example 1: Adds an extra single quote on the OUT parameter
@DTW_ADDQUOTE(string1,string2)
Example 2: Adds an extra single quote on the returned value of the function call
@DTW_rADDQUOTE("The title of the article is 'Once upon a time'")
Example 3: Adds extra single quotation marks on each of the INOUT parameters of the function call
@DTW_mADDQUOTE(string1,string2)
Example 4: Inserts extra single quotation marks into data being inserted in a DB2 table
%FUNCTION(DTW_SQL) insertName(){ INSERT INTO USER1.CUSTABLE (LNAME,FNAME) VALUES ('@DTW_rADDQUOTE(lastname)', '@DTW_rADDQUOTE(firstname)') %}