Become an expert in R — Interactive courses, Cheat Sheets, certificates and more!
Get Started for Free
Documentation
R
DatabaseConnector

dbQuoteString-DatabaseConnectorConnection-character-method

Quote literal strings

Description

Call this method to generate a string that is suitable for use in a query as a string literal, to make sure that you generate valid SQL and protect against SQL injection attacks.

Usage

## S4 method for signature 'DatabaseConnectorConnection,character'
dbQuoteString(conn, x, ...)

Arguments

conn

A DBIConnection object, as returned by dbConnect().
x

A character vector to quote as string.
...

Other arguments passed on to methods.

Value

dbQuoteString() returns an object that can be coerced to character, of the same length as the input. For an empty character vector this function returns a length-0 object.

When passing the returned object again to dbQuoteString() as x argument, it is returned unchanged. Passing objects of class SQL should also return them unchanged. (For backends it may be most convenient to return SQL objects to achieve this behavior, but this is not required.)

See Also

DatabaseConnector

Connecting to Various Database Platforms

v4.0.2
Apache License
Authors
Martijn Schuemie [aut, cre], Marc Suchard [aut], Observational Health Data Science and Informatics [cph], Microsoft Inc. [cph] (SQL Server JDBC driver), PostgreSQL Global Development Group [cph] (PostgreSQL JDBC driver), Oracle Inc. [cph] (Oracle JDBC driver), Amazon Inc. [cph] (RedShift JDBC driver)
Initial release
2021-04-12

We don't support your browser anymore

Please choose more modern alternatives, such as Google Chrome or Mozilla Firefox.