It is important when data is imported from a non-database data source, like a comma delimited file, to take into account the single quotes that may appear inside the data. When a data field contains a single quote and that value is inserted into a database using a SQL statement then an incorrect SQL statement is generated. For instance, consider the following (fake) data file:
01enn hukkjj 9934 02enn hy'erq 2452 |
The second field of the second row contains a single quote character. The SQL statements to insert these two rows of data, if the single quote character was not detected, into a database could be:
insert into user(id, name, val) values ( '01enn', 'hukkjj', 9934) insert into user(id, name, val) values ( '02enn', 'hy'erq', 2452) |
The SQL compiler of the database would generate an error because the second SQL statement is not correct. To prevent these errors there is the built-in string predicate expand_sq/1, it will replace each single quote character with two single quote characters. The SQL compiler of the database system will accept the two double quote characters and store one single quote character.
insert into user(id, name, val) values ( '01enn', 'hukkjj', 9934) insert into user(id, name, val) values ( '02enn', 'hy''erq', 2452) |