0

I have following in bash script:

sqlite3 database.db "INSERT INTO tbl (col1,col2) VALUES ('\"$line\"','\"$stdout\"');"

,where $line variable isn't going to make any trouble, but my $stdout variable is output from whois $line, so it contains many chars, one of them being ' which breaks the sqlite3 syntax.

Is there some way I could quote-escape that variable, so that it passes well in this query?

EDIT

Sorry, I found my solution here, https://stackoverflow.com/a/14340973/2434479.

Should I delete this question?

Improve this question
3
  • Yes. This is a pretty close match to that other question. I'm glad Stack Overflow solved your problem one way or the other. Commented Jul 19, 2014 at 22:00
  • 1
    As a side note, aren't you "over quoting" your SQL statement? Are those \" required? Commented Jul 19, 2014 at 22:03
  • No, they aren't, I corrected that in my script, but left them here untouched. ;) Commented Jul 19, 2014 at 22:04

1 Answer 1

Reset to default
3

The standard SQL escape sequence for simple quote ' is the double simple quote ''.

Using bash pattern substitution, you may perform the necessary replacements:

sh$ DSQ="''"
sh$ stdout="I'm in a big'trouble"
sh$ echo "${stdout//\'/$DSQ}"
I''m in a big''trouble

In your specific case:

DSQ="''"
sqlite3 database.db \
    "INSERT INTO tbl (col1,col2) VALUES ('$line','${stdout//\'/$DSQ}');"
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.