Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to escape the @ character in an if statement check?
Top Forums UNIX for Beginners Questions & Answers How to escape the @ character in an if statement check? Post 303043984 by RudiC on Wednesday 12th of February 2020 04:38:15 AM
Old 02-12-2020
More details, please. There doesn't seem anything wrong with your code snippet, as rdrtx1 already proved. Show context, variable contents, error messages, execution logs, script / command misbehaviour. What be your OS and shell versions?
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Escape character in vi?

I want to replace a string which contains "/" in vi but what is the escape character for forward slash? e.g. I have a text file with the contents below and I want to replace "/Top/Sub/Sub1" with "ABC". /Top/Sub/Sub1 The replace command I am using is ... (4 Replies)
Discussion started by: stevefox
4 Replies

2. Shell Programming and Scripting

Escape character

Hi , I want to change space to ' in my script. I tried doing this, sed 's/ /\'/g' filename but i could not get it. can some one help me please. Thanks, Deepak (4 Replies)
Discussion started by: deepakpv
4 Replies

3. Shell Programming and Scripting

Escape character - sed

Hi All, How do i write in sed for the 6th and 7th field of etc/passwd file as it involves "/" character? Does mine below is correct? It's incomplete script as i need help with syntax as i always getting may errors :( Example of etc/passwd file: blah:x:1055:600:blah... (6 Replies)
Discussion started by: c00kie88
6 Replies

4. Shell Programming and Scripting

Escape character in sed

Hello experts I am trying to write a shell script which will add ' ' to a unix variable and then pass it to oracle for inserting to a table. I am running the script as root and I have to do a su -c . The problem is the character ' is not recognised inside sed even after adding escape... (1 Reply)
Discussion started by: pvedaa
1 Replies

5. Shell Programming and Scripting

perl how to escape (|) character

my @array; my $sepa = "|"; print $sepa; open FH, "<100_20091023_2.txt"; while(<FH>){ push @array, split(/\$sepa/, $_); print "@array\n\n"; } I am not able split the line which have | separated (1 Reply)
Discussion started by: pritish.sas
1 Replies

6. Shell Programming and Scripting

Regex escape special character in AWK if statement

I am having issues escaping special characters in my AWK script as follows: for id in `cat file` do grep $id in file2 | awk '\ BEGIN {var=""} \ { if ( /stringwith+'|'+'50'chars/ ) { echo "do this" } else if ( /anotherString/ ) { echo "do that" } else { ... (4 Replies)
Discussion started by: purebc
4 Replies

7. Shell Programming and Scripting

sed - with escape character

i have string as below str=".<date>" in which i need to replace < with /< , when i tried with sed , got the output. --> echo $str | sed 's/</\\</g' .\<date> when i tried to assign it to a variable , i am not getting the same --> a=`echo $str | sed 's/</\\</g'` ; echo $a... (4 Replies)
Discussion started by: expert
4 Replies

8. UNIX for Advanced & Expert Users

Escape special character

My input is: jdbc:Oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=10.147.109.211)(PORT=1526))(CONNECT_DAT A=(SID= MWDBD22))) In the search pattern, ( and ) and . and @ are special RE, and need to be escaped \( and \) and \. and \@ how can i do it by script or command (9 Replies)
Discussion started by: arindam guha
9 Replies

9. Shell Programming and Scripting

ksh escape a character

friends, I have a situation where i am using a $RANDOM function along with the filename, I want this to be escaped by the OS in the first assignment (works as expected) and executed in the second assignment (does not execute $RANDOM) filename1=filename1_\$RANDOM echo $filename1... (3 Replies)
Discussion started by: Balaji M
3 Replies

10. Shell Programming and Scripting

Function to add escape character before specified character

Hi , I am looking for a function which will do the following. 1. I have a variable which will hold few special chracter like SPECIAL_CHARS="& ;"2. I have an escape character. ESCAPE_CHAR="\"3. Now when I passed some string in the function it will return the same string but now it will... (8 Replies)
Discussion started by: Anupam_Halder
8 Replies

LEARN ABOUT PHP

mysql_real_escape_string

MYSQL_REAL_ESCAPE_STRING(3)						 1					       MYSQL_REAL_ESCAPE_STRING(3)

mysql_real_escape_string - Escapes special characters in a string for use in an SQL statement

SYNOPSIS

       Warning

	      This  extension  is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should
	      be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:

		     omysqli_real_escape_string(3)

		     o PDO::quote

       string mysql_real_escape_string (string	$unescaped_string, [resource  $link_identifier = NULL])

DESCRIPTION

	Escapes special characters in the $unescaped_string, taking into account the current character set of the connection so that it is safe to
       place it in a mysql_query(3). If binary data is to be inserted, this function must be used.

       mysql_real_escape_string(3)  calls  MySQL's  library function mysql_real_escape_string, which prepends backslashes to the following charac-
       ters: x00, 
, 
, , ', " and x1a.

	This function must always (with few exceptions) be used to make data safe before sending a query to MySQL.

       Caution

	      Security: the default character set

	       The character set must be set either at the server  level,  or  with  the  API  function  mysql_set_charset(3)  for  it	to  affect
	      mysql_real_escape_string(3). See the concepts section on character sets for more information.

	      o $unescaped_string
		- The string that is to be escaped.

	      o $
		link_identifier  -The  MySQL  connection.  If  the  link  identifier is not specified, the last link opened by mysql_connect(3) is
		assumed. If no such link is found, it will try to create one as if mysql_connect(3) was called with no arguments. If no connection
		is found or established, an E_WARNING level error is generated.

	Returns the escaped string, or FALSE on error.

       Example #1

	      Simple mysql_real_escape_string(3) example

	      <?php
	      // Connect
	      $link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password')
		  OR die(mysql_error());

	      // Query
	      $query = sprintf("SELECT * FROM users WHERE user='%s' AND password='%s'",
			  mysql_real_escape_string($user),
			  mysql_real_escape_string($password));
	      ?>

       Example #2

	      An example SQL Injection Attack

	      <?php
	      // We didn't check $_POST['password'], it could be anything the user wanted! For example:
	      $_POST['username'] = 'aidan';
	      $_POST['password'] = "' OR ''='";

	      // Query database to check if there are any matching users
	      $query = "SELECT * FROM users WHERE user='{$_POST['username']}' AND password='{$_POST['password']}'";
	      mysql_query($query);

	      // This means the query sent to MySQL would be:
	      echo $query;
	      ?>

	       The query sent to MySQL:

	      SELECT * FROM users WHERE user='aidan' AND password='' OR ''=''

	       This would allow anyone to log in without a valid password.

       Note

	       A  MySQL  connection  is  required before using mysql_real_escape_string(3) otherwise an error of level E_WARNING is generated, and
	      FALSE is returned. If $link_identifier isn't defined, the last MySQL connection is used.

       Note

	       If magic_quotes_gpc is enabled, first apply stripslashes(3) to the data. Using this function on data which has already been escaped
	      will escape the data twice.

       Note

	       If this function is not used to escape data, the query is vulnerable to SQL Injection Attacks.

       Note

	      mysql_real_escape_string(3) does not escape % and _. These are wildcards in MySQL if combined with LIKE, GRANT, or REVOKE.

       mysql_set_charset(3),  mysql_client_encoding(3),  addslashes(3),  stripslashes(3), The magic_quotes_gpc directive, The magic_quotes_runtime
       directive.

PHP Documentation Group 											       MYSQL_REAL_ESCAPE_STRING(3)
All times are GMT -4. The time now is 11:07 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy