Results 1 to 2 of 2
  1. #1
    Join Date
    Jun 2016

    Unanswered: parameterized queries and CREATE USER

    I use parameterized quieres to create a user with the given name and password, because password may contain ' chars.

    cmd.CommandText = "CREATE USER @name WITH PASSWORD @pwd";
    cmd.Parameters.AddWithValue("@name", name);
    cmd.Parameters.AddWithValue("@pwd", pwd);

    This doesn't work. Error: Syntax error at "$1". Anyone knows what the problem is?

  2. #2
    Join Date
    Dec 2012
    Yes, I know the problem:

    The correct syntax of "CREATE USER" is:
      CREATE USER my_username WITH PASSWORD 'my_secret_password';
    If a >'< is part of the password, it must be doubled like the following example: (password will be my_secret_password_with_'_signs )
      CREATE USER my_username WITH PASSWORD 'my_secret_password_with_''_signs';

    See also the official documentation:

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts