With the COM_QUERY command, the client sends the server an SQL statement to be executed immediately.
The SQL statement should be properly escaped. The escape character is usually a backslash '\' = 0x5c. However, if the status flag returned by the last OK Packet had NO_BACKSLASH_ESCAPES bit set then the escape character is a single quote(' = 0x60)
If the escape character is a backslash, the following characters are escaped:
- single quote (' = 0x60)
- back slash (\ = 0x5c)
- double quote (" = 0x22)
- null character (0x00)
If the escape character is a single quote, only the single quote (' = 0x60) can be escaped.
The server can answer with 4 different responses that can be differentiated by the first byte (packet header):
- 0xFF - ERR_Packet if any error occurs.
- 0x00 - OK_Packet when query execution works without resultset.
- 0xFB - LOCAL_INFILE Packet if the query was "LOCAL INFILE ...".
- Or a Resultset, when the query returns results (in case of a SELECT query for example).