Пример #1
0
        /// <summary>
        /// returns a string suitable for sql
        /// </summary>
        /// <param name="val"></param>
        /// <returns></returns>
        public static string Escape(string val, PreparerEscapeType escapeType)
        {
            if (val == null)
            {
                val = "";
            }

            if (escapeType == PreparerEscapeType.Sql)
            {
                // for sql we can't have single quotes
                val = val.Replace("'", "''");
            }
            else
            {
                // for serialization we can't have vertical bar
                val.Replace("|", "!");
            }

            return(val);
        }
Пример #2
0
 /// <summary>
 /// returns DateTime as a string suitable for sql
 /// </summary>
 /// <param name="val"></param>
 /// <returns></returns>
 public static string Escape(System.DateTime val, PreparerEscapeType escapeType)
 {
     return(Escape(val.Year + "-" + val.Month + "-" + val.Day + " " + val.Hour + ":" + val.Minute + ":" + val.Second, escapeType));
 }
Пример #3
0
 /// <summary>
 /// returns a decimal as string suitable for sql
 /// </summary>
 /// <param name="val"></param>
 /// <returns></returns>
 public static string Escape(decimal val, PreparerEscapeType escapeType)
 {
     return(Escape(val.ToString(), escapeType));
 }