I want to replace a string which contains "/" in vi but what is the escape character for forward slash?
e.g. I have a text file with the contents below and I want to replace "/Top/Sub/Sub1" with "ABC".
/Top/Sub/Sub1
The replace command I am using is ... (4 Replies)
Hi ,
I want to change space to ' in my script.
I tried doing this,
sed 's/ /\'/g' filename
but i could not get it.
can some one help me please.
Thanks,
Deepak (4 Replies)
Hi All,
How do i write in sed for the 6th and 7th field of etc/passwd file as it involves "/" character?
Does mine below is correct? It's incomplete script as i need help with syntax as i always getting may errors :(
Example of etc/passwd file:
blah:x:1055:600:blah... (6 Replies)
Hello experts
I am trying to write a shell script which will add ' ' to a unix variable and then pass it to oracle for inserting to a table.
I am running the script as root and I have to do a su -c .
The problem is the character ' is not recognised inside sed even after adding escape... (1 Reply)
my @array;
my $sepa = "|";
print $sepa;
open FH, "<100_20091023_2.txt";
while(<FH>){
push @array, split(/\$sepa/, $_);
print "@array\n\n";
}
I am not able split the line which have | separated (1 Reply)
I am having issues escaping special characters in my AWK script as follows:
for id in `cat file`
do
grep $id in file2 | awk '\
BEGIN {var=""} \
{ if ( /stringwith+'|'+'50'chars/ ) {
echo "do this"
} else if ( /anotherString/ ) {
echo "do that"
} else {
... (4 Replies)
i have string as below
str=".<date>"
in which i need to replace < with /< , when i tried with sed , got the output.
--> echo $str | sed 's/</\\</g'
.\<date>
when i tried to assign it to a variable , i am not getting the same
--> a=`echo $str | sed 's/</\\</g'` ; echo $a... (4 Replies)
My input is:
jdbc:Oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.147.109.211)(PORT=1526))(CONNECT_DAT A=(SID= MWDBD22)))
In the search pattern, ( and ) and . and @ are special RE, and need to be escaped \( and \) and \. and \@
how can i do it by script or command (9 Replies)
friends,
I have a situation where i am using a $RANDOM function along with the filename, I want this to be escaped by the OS in the first assignment (works as expected) and executed in the second assignment (does not execute $RANDOM)
filename1=filename1_\$RANDOM
echo $filename1... (3 Replies)
Hi ,
I am looking for a function which will do the following.
1. I have a variable which will hold few special chracter like
SPECIAL_CHARS="& ;"2. I have an escape character.
ESCAPE_CHAR="\"3. Now when I passed some string in the function it will return the same string but now it will... (8 Replies)
Discussion started by: Anupam_Halder
8 Replies
LEARN ABOUT PHP
mysql_real_escape_string
MYSQL_REAL_ESCAPE_STRING(3) 1 MYSQL_REAL_ESCAPE_STRING(3)mysql_real_escape_string - Escapes special characters in a string for use in an SQL statementSYNOPSIS
Warning
This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should
be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:
omysqli_real_escape_string(3)
o PDO::quote
string mysql_real_escape_string (string $unescaped_string, [resource $link_identifier = NULL])
DESCRIPTION
Escapes special characters in the $unescaped_string, taking into account the current character set of the connection so that it is safe to
place it in a mysql_query(3). If binary data is to be inserted, this function must be used.
mysql_real_escape_string(3) calls MySQL's library function mysql_real_escape_string, which prepends backslashes to the following charac-
ters: x00,
,
, , ', " and x1a.
This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.
Caution
Security: the default character set
The character set must be set either at the server level, or with the API function mysql_set_charset(3) for it to affect
mysql_real_escape_string(3). See the concepts section on character sets for more information.
o $unescaped_string
- The string that is to be escaped.
o $
link_identifier -The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect(3) is
assumed. If no such link is found, it will try to create one as if mysql_connect(3) was called with no arguments. If no connection
is found or established, an E_WARNING level error is generated.
Returns the escaped string, or FALSE on error.
Example #1
Simple mysql_real_escape_string(3) example
<?php
// Connect
$link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password')
OR die(mysql_error());
// Query
$query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
mysql_real_escape_string($user),
mysql_real_escape_string($password));
?>
Example #2
An example SQL Injection Attack
<?php
// We didn't check $_POST['password'], it could be anything the user wanted! For example:
$_POST['username'] = 'aidan';
$_POST['password'] = "' OR ''='";
// Query database to check if there are any matching users
$query = "SELECT * FROM users WHERE user='{$_POST['username']}' AND password='{$_POST['password']}'";
mysql_query($query);
// This means the query sent to MySQL would be:
echo $query;
?>
The query sent to MySQL:
SELECT * FROM users WHERE user='aidan' AND password='' OR ''=''
This would allow anyone to log in without a valid password.
Note
A MySQL connection is required before using mysql_real_escape_string(3) otherwise an error of level E_WARNING is generated, and
FALSE is returned. If $link_identifier isn't defined, the last MySQL connection is used.
Note
If magic_quotes_gpc is enabled, first apply stripslashes(3) to the data. Using this function on data which has already been escaped
will escape the data twice.
Note
If this function is not used to escape data, the query is vulnerable to SQL Injection Attacks.
Note
mysql_real_escape_string(3) does not escape % and _. These are wildcards in MySQL if combined with LIKE, GRANT, or REVOKE.
mysql_set_charset(3), mysql_client_encoding(3), addslashes(3), stripslashes(3), The magic_quotes_gpc directive, The magic_quotes_runtime
directive.
PHP Documentation Group MYSQL_REAL_ESCAPE_STRING(3)