In older versions of VB.Net (prior to VB2010 I think), you were required to use the line continuation character (the underscore "_") whenever you split a statement over multiple lines.
From VB2010 you can omit this character in a large number of cases.
For a complete list of cases where you can omit this (annoying) character, search the help for "statements in visual basic" and then scroll down to the section entitled "Continuing a Statement over Multiple Lines". This contains a sub-section entitled "Implicit Line Continuation" which lists "the syntax elements that implicitly continue the statement on the next line of code."
Monday, 3 September 2012
Wednesday, 14 March 2012
JSON and SQL
I have a project where, for auditing purposes, I serialise a JavaScript object to JSON and then store the resulting string in a MySQL database table.
Recently I encountered a problem with de-serialising some of these strings back to objects. The problem was that a string field in one of the instances contained embedded quotes and these were not escaped in the SQL table. After a little while spent digging about I realised what the problem was.
When JSON.stringify is called on a string, any embedded double-quote characters are escaped, so the string 'This contains "double quoted" text' becomes 'This contains \"double quoted\" text'. This is all fine, but when you add a string to the database the escape character is treated as an escape and is removed from the resulting string. If you then read the string back out and try to JSON.parse it the un-escaped double-quotes cause it to fail. To keep the escape character you need to escape the escapes before adding to the database.
You also need to escape any single quote characters before adding to a database table.
Try:
JSON.stringify(obj).replace(/'/g, "\'").replace(/\\/g, "\\\\");
Recently I encountered a problem with de-serialising some of these strings back to objects. The problem was that a string field in one of the instances contained embedded quotes and these were not escaped in the SQL table. After a little while spent digging about I realised what the problem was.
When JSON.stringify is called on a string, any embedded double-quote characters are escaped, so the string 'This contains "double quoted" text' becomes 'This contains \"double quoted\" text'. This is all fine, but when you add a string to the database the escape character is treated as an escape and is removed from the resulting string. If you then read the string back out and try to JSON.parse it the un-escaped double-quotes cause it to fail. To keep the escape character you need to escape the escapes before adding to the database.
You also need to escape any single quote characters before adding to a database table.
Try:
JSON.stringify(obj).replace(/'/g, "\'").replace(/\\/g, "\\\\");
Subscribe to:
Posts (Atom)