What the F**K is the 'Grady' operator
The web application I'm working on logs errors in a log file using Log4Net. Nothing new, loads of applications do that. But I was surprised when I found the following error message:
System.Data.SyntaxErrorException: Syntax error: Missing operand after 'grady' operator.
Now what in heavens name is a 'Grady' operator. I had no clue. Google only knows Grady from the book "Object-Oriented Analysis And Design With Applications" and other OO related work. So no solution to be found there. So what could it be?
I looked into the log file again and checked if the exception was raised more than once. I found more interesting 'operators': 'Toole', 'Amore','Sullivan'. Wait a minute there all names. I checked the stack traces for these exceptions and then it dawned on me. The error was raised when the user clicked a filter button. The web page where the error was raised showed a user list. Apparently, the user was looking for someone named O'Toole or O'Sullivan. I checked the code and found this:
if (txtUserFilter.Text != String.Empty)
{ dataTable.DefaultView.RowFilter = string.Format("NAME like '%{0}%'", txtUserFilter.Text);}
This will work fine of course, provided the text string does not contain any single quotes. The following solved my problem:
if(txtUserFilter.Text != String.Empty)
{ dataTable.DefaultView.RowFilter = string.Format("NAME like '%{0}%'", txtUserFilter.Text.Replace("'", "''"));}