A string is a sequence of bytes or characters, enclosed within
either single quote (
') or double quote
") characters. Examples:
'a string' "another string"
Quoted strings placed next to each other are concatenated to a single string. The following lines are equivalent:
'a string' 'a' ' ' 'string'
ANSI_QUOTES SQL mode is
enabled, string literals can be quoted only within single
quotation marks because a string quoted within double quotation
marks is interpreted as an identifier.
A binary string is a
string of bytes. Every binary string has a character set and
nonbinary string is a
string of characters. It has a character set other than
binary and a collation that is compatible
with the character set.
For both types of strings, comparisons are based on the numeric values of the string unit. For binary strings, the unit is the byte; comparisons use numeric byte values. For nonbinary strings, the unit is the character and some character sets support multibyte characters; comparisons use numeric character code values. Character code ordering is a function of the string collation. (For more information, see Section 10.8.5, “The binary Collation Compared to _bin Collations”.)
Within the mysql client, binary strings
display using hexadecimal notation, depending on the value of
--binary-as-hex. For more
information about that option, see Section 4.5.1, “mysql — The MySQL Command-Line Client”.
A character string literal may have an optional character set
COLLATE clause, to designate
it as a string that uses a particular character set and
[_charset_name]'string' [COLLATE collation_name]
SELECT _latin1'string'; SELECT _binary'string'; SELECT _utf8'string' COLLATE utf8_danish_ci;
You can use
create a string in the national character set. These statements
SELECT N'some text'; SELECT n'some text'; SELECT _utf8'some text';
Within a string, certain sequences have special meaning unless
mode is enabled. Each of these sequences begins with a backslash
\), known as the escape
character. MySQL recognizes the escape sequences
shown in Table 9.1, “Special Character Escape Sequences”. For all
other escape sequences, backslash is ignored. That is, the
escaped character is interpreted as if it was not escaped. For
\x is just
These sequences are case-sensitive. For example,
\b is interpreted as a backspace, but
\B is interpreted as
Escape processing is done according to the character set
indicated by the
variable. This is true even for strings that are preceded by an
introducer that indicates a different character set, as
discussed in Section 10.3.6, “Character String Literal Character Set and Collation”.
Table 9.1 Special Character Escape Sequences
The ASCII 26 character can be encoded as
to enable you to work around the problem that ASCII 26 stands
for END-OF-FILE on Windows. ASCII 26 within a file causes
problems if you try to use
are used to search for literal instances of
_ in pattern-matching contexts where they
would otherwise be interpreted as wildcard characters. See the
description of the
LIKE operator in
Section 12.8.1, “String Comparison Functions and Operators”. If you use
\_ outside of
pattern-matching contexts, they evaluate to the strings
\_, not to
There are several ways to include quote characters within a string:
'inside a string quoted with
'may be written as
"inside a string quoted with
"may be written as
Precede the quote character by an escape character (
'inside a string quoted with
"needs no special treatment and need not be doubled or escaped. In the same way,
"inside a string quoted with
'needs no special treatment.
demonstrate how quoting and escaping work:
mysql> SELECT 'hello', '"hello"', '""hello""', 'hel''lo', '\'hello'; +-------+---------+-----------+--------+--------+ | hello | "hello" | ""hello"" | hel'lo | 'hello | +-------+---------+-----------+--------+--------+ mysql> SELECT "hello", "'hello'", "''hello''", "hel""lo", "\"hello"; +-------+---------+-----------+--------+--------+ | hello | 'hello' | ''hello'' | hel"lo | "hello | +-------+---------+-----------+--------+--------+ mysql> SELECT 'This\nIs\nFour\nLines'; +--------------------+ | This Is Four Lines | +--------------------+ mysql> SELECT 'disappearing\ backslash'; +------------------------+ | disappearing backslash | +------------------------+
To insert binary data into a string column (such as a
BLOB column), you should
represent certain characters by escape sequences. Backslash
\) and the quote character used to quote the
string must be escaped. In certain client environments, it may
also be necessary to escape
NUL or Control+Z.
The mysql client truncates quoted strings
NUL characters if they are not
escaped, and Control+Z may be taken for END-OF-FILE on Windows
if not escaped. For the escape sequences that represent each of
these characters, see
Table 9.1, “Special Character Escape Sequences”.
When writing application programs, any string that might contain any of these special characters must be properly escaped before the string is used as a data value in an SQL statement that is sent to the MySQL server. You can do this in two ways:
Process the string with a function that escapes the special characters. In a C program, you can use the
mysql_real_escape_string_quote()C API function to escape characters. See mysql_real_escape_string_quote(). Within SQL statements that construct other SQL statements, you can use the
QUOTE()function. The Perl DBI interface provides a
quotemethod to convert special characters to the proper escape sequences. See Section 27.9, “MySQL Perl API”. Other language interfaces may provide a similar capability.
As an alternative to explicitly escaping special characters, many MySQL APIs provide a placeholder capability that enables you to insert special markers into a statement string, and then bind data values to them when you issue the statement. In this case, the API takes care of escaping special characters in the values for you.