MySQL Apostrophe Escaping: Backslash or Double Apostrophe?

Escaping Apostrophes in MySQL: Clarification of Documentation

The question raised pertains to the use of apostrophes (single quotes) in MySQL. The documentation suggests escaping them with a backslash (), but the questioner encounters successful execution using a double apostrophe ('').

Delving into the MySQL documentation further reveals the following:

"A ‘'’ inside a string quoted with ‘'’ may be written as ‘''’."

This implies that MySQL accepts both the backslash and double apostrophe notations for escaping apostrophes.

The Postgres documentation provides an insightful note regarding backslash escaping:

"This [backslash escaping] controls whether a quote mark can be represented by ' in a string literal. The preferred, SQL-standard way to represent a quote mark is by doubling it ('') but PostgreSQL has historically also accepted '."

This suggests that while using may be technically acceptable, doubling the apostrophe is more secure and conforms better to SQL standards.

Ultimately, the choice of escaping method may depend on factors such as language, database choice, and query framework. Unfortunately, the question doesn't provide sufficient information to guide a specific recommendation.

The above is the detailed content of MySQL Apostrophe Escaping: Backslash or Double Apostrophe?. For more information, please follow other related articles on the PHP Chinese website!