我需要从系统中删除用户,搜索基于他们的电子邮件。但是,由于一些奇怪的验证,一些用户在电子邮件中有单引号和通配符(%)字符。
当我尝试删除用户时,由于单引号和其他奇怪的字符,它会抛出错误。我可以直接在数据库中清理,但是,我想知道我是否可以搜索他们的电子邮件中的所有垃圾并仍然直接从应用程序中删除用户
例如:
DELETE FROM Customers
WHERE Email = 'test@yahoo.com'@countag%and1=1''
答案 0 :(得分:1)
外卡角色没问题,因为你没有匹配模式,但对于单引号,你需要加倍才能逃脱它。
DELETE FROM Customers
WHERE Email = 'test@yahoo.com''@countag%and1=1'''
-- ^ this ^ and this.
答案 1 :(得分:1)
最简单的解决方法是使用双引号,因此不必担心嵌入的单引号:
DELETE FROM Customers
WHERE Email = "test@yahoo.com'@countag%and1=1"
答案 2 :(得分:0)
你可以尝试
delete from customers where charindex('''', email) > 0
删除所有客户,其电子邮件地址至少包含一个单引号...或者可以先选择并检查结果
答案 3 :(得分:0)
DROP TABLE UsersToDelete
CREATE TABLE UsersToDelete
(
id INT IDENTITY
,email VARCHAR(500)
)
INSERT INTO UsersToDelete
(
-- id -- this column value is auto-generated
email
)
SELECT 'test@yahoo.com''@countag%and1=1''' AS email
UNION
SELECT 'bill.gates@microsoft.com'
UNION
SELECT 'user2675939@stackoverflow.com'
UNION
SELECT 'iamkarlson''''''@google.com'
SELECT utd.id
,utd.email
,CASE
WHEN (SUBSTRING(email ,CHARINDEX('''' ,email ,0) +1 ,1) <>''''
OR SUBSTRING(REVERSE(email) ,CHARINDEX('''' ,REVERSE(email) ,0) +1 ,1) <>'''')
AND email LIKE '%''%'
THEN 1
WHEN SUBSTRING(email ,CHARINDEX('''' ,email ,0) +1 ,1) =''''
AND SUBSTRING(REVERSE(email) ,CHARINDEX('''' ,REVERSE(email) ,0) +1 ,1) =''''
AND email LIKE '%''%'
THEN 0
ELSE 0
END AS [Contains]
,SUBSTRING(email ,CHARINDEX('''' ,email ,0) +1 ,1)
,SUBSTRING(REVERSE(email) ,CHARINDEX('''' ,REVERSE(email) ,0) +1 ,1)
FROM UsersToDelete utd