Pass string variable in R script to use it in SQL statement

Question

I tried use a string variable in R script to use through SQL statement for example:

x=\"PASS\"

SQL<- paste(\"select ID, NAME, STATUS from STUDENT where S         


        

Answer 1

EDIT for windows

Try

x = "PASS"

SQL<- paste0("select ID, NAME, STATUS from STUDENT where STATUS = ", shQuote(x, 'sh'))
Q1 <- dbGetQuery(con, SQL)

More generally shQuote is useful for constructed things like:

paste0("SELECT * FROM urtable where urvar IN(", paste0(shQuote(LETTERS, 'sh'), collapse = ','), ")")
[1] "SELECT * FROM urtable where urvar IN('A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z')"

 #

If you have simple character strings. For more complicated character strings other approaches maybe necessary. For example in PoSTgreSQL you can use Dollar-Quoted String Constants to escape characters.

You dont mention what variant of SQL you are using or associated R package. Some R packages may have helper functions like postgresqlEscapeStrings in RPostgreSQL or dbEscapeStrings in RMySQL.