Home/ Questions/Q 8532297
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T09:41:01+00:00

Currently I’m writing a really simple textbox-to-query parser for SQL queries. One of the

  • 0

Currently I’m writing a really simple textbox-to-query parser for SQL queries. One of the things that needs to be done is strings that are placed in single quotes need to be found and properly parameterized. I’ve Googled it and look page after page for answers, however nothing I can find will help.

Given the query

INSERT INTO PracticeTable
VALUES ('Hello 'World')

or for example,

WHERE users.UserProfiles = 'John's Profile'

I need to figure out a way to

  1. Find the string in single quotes
  2. Extract the string from the inside

I can use a loop to do the parameterization myself.

So to complete the example in the query segment

WHERE users.UserProfiles = 'John's Profile'

I should get a match for ‘John’s Profile’ and then be able to remove the entire string John’s Profile from the inside of them.

Can anyone help me? Also, can anyone suggest a better way to receive a query from the user and run it? I’m always looking for suggestions.

Thank you!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Test the following. It will catch the quoted string.

    [^']*'(.+)'

    =>

    WHERE users.UserProfiles = ‘John’s Profile’

    extracted group

    John’s Profile

    I want to mention that your WHERE clause is wrong SQL as your inside ‘ is not escaped.

    As you asked, the quoted string can be captured fairly easy by:

    [^']*('.+')
    • 0