SQL SRV not escaping correctly

Published 3 weeks ago by matalina

I've already googled: This issue came up - https://github.com/laravel/framework/issues/24123

Basically whenever I have a single quote in a query for the MSSQL server I get the following error:

SQLSTATE[HY000]: General error: 105 Unclosed quotation mark after the character string ''. [105] (severity 15)

Can I extend the eloquent drive to automatically apply the '' to my query. Or some other means of doing this 100% across the board for ONLY MSSQL (I use mysql as well - not my choice to use MSSQL - only reading from MSSQL)


I think you can do a raw query or a part of the query as raw to get around this issue!

Documentation: https://laravel.com/docs/5.7/queries#raw-expressions

Also note that the issue you linked to also described that this bug is SQL Server related and not Laravel related!


Yes I'm aware that the issue is not with Laravel. I'm looking for a Laravel way to fix the problem since it's PDO and MSSQL thing and I don't want to dig too much deeper. I'll do a work around.

Writing raw queries in place of EVERY single WHERE statement that uses a string as it's value is not a feasible solution.

I assumed for as many years as I've been using Laravel that Eloquent was escaping those characters correctly. I've never had any problems with any of the drivers until now (and if I did I never had any issues reported :( )

I believe this is the first PDO/Eloquent string I have searched, usually I'm only pulling numbers from that database but I don't know if it is broken anywhere else so I wanted a global fix in Laravel to mitigate the problem so I don't get errors like this.


What's your query?


simple as it can be will cause the error.


That's simplified of course.

And I realized I can do this on a one by one basis, but this can potentially hit every single string query that I've ever written....that touches the MSSQL.

Extending part of the Model, or writing a different eloquent model to correct this parsing issue is the simplest and easiest way to catch all the potential problems.

But the simplist solution at present is to not use MSSQL to check customer accounts against. It's a slightly delayed process to create account stubs in mysql where I can escape properly without rewriting the code.

It doesn't prevent any potential breaking down the line for future MSSQL queries, but it at least solves the issue here and a few other operational issues on the business side.

Please sign in or create an account to participate in this conversation.