Escaping \ without NO_BACKSLASH_ESCAPE in Mysql / Dev-Articles / DracoBlue

DracoBlue.net > Dev-Articles > Escaping \ without NO_BACKSLASH_ESCAPE in Mysql

Escaping \ without NO_BACKSLASH_ESCAPE in Mysql

While working with Node.JS and dbslayer today, I was facing a weird issue with escaping strings.

Best thing would have been, if I could have forced my server to use NO_BACKSLASH_ESCAPES as sql-mode and then just escape the ' to ''.

But since this server is also used by other programs and NO_BACKSLASH_ESCAPES option cannot be set by option for dbslayer I had to turn it off again.

I ended up with this tiny escape string method:

1
2
3

var db_escape_string = function(string) {
    return string.replace(/([\\\n\r])/g, "\\$&").replace("'", "''", 'g');
};

It replaces \ (backslash), newline and carriage return with \\, \n and \r. Since also single quote needs to be escaped, I finally replace all ' with ''.

You may wonder why I do not escape ". The issue is, that a " appearing within a string in between ' does not need to be escaped.

'this is a test"2' => 'this is a test\"2'

Thatswhy I sticked to the rule to put strings within single quote and do not escape those question marks at all.

In mysql, JavaScript & node.JS By DracoBlue @ 16:01 21.03.2010

Messages

haaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaahhahahaha

#5 By johncena96 @ 09:44 29.04.2010

nickniick whats your email?

#4 By Guest @ 21:36 25.04.2010

u sexy

#3 By Guest @ 21:35 25.04.2010

what am i doin?

#2 By funkyB @ 21:35 25.04.2010

you is cute

#1 By NICNIICK @ 23:39 26.03.2010