Take a look at Sun's tutorial on JDBC (Java DataBase Connectivity) - it
explains all the basics, including the difference between Statement objects
and PreparedStatement objects:
http://www.java.sun.com/docs/books/tutorial/jdbc/index.html
Also, here's a link to the JDBC API:
http://java.sun.com/j2se/1.3/docs/api/java/sql/package-summary.html
Other JDBC links that might interest you:
http://java.sun.com/j2se/1.3/docs/guide/jdbc/index.html
http://www.java.sun.com/products/jdbc/index.html
Good luck.
-----Original Message-----
From: Anil John [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 02, 2001 7:18 AM
To: [EMAIL PROTECTED]
Subject: Re: Escaping ' in a SQL INSERT
Joseph,
Thank you.. That was exactly what I was looking for...
Is there any performance or state penalty associcated with using a
preparedstatement vs the regular statement?
Anil
On Fri, 2 Feb 2001, Joseph Ottinger wrote:
> Ah. This is a common JDBC problem; I've been casually watching the
> JSP-Interest list (very casually, since my email is a little screwed up at
> the moment) and just now realised nobody was really giving you any useful
> information.
>
> PreparedStatement ps=connection.createPreparedStatement(
> "insert into mytable (field1) values (?)"
> );
> ps.setString(1, "O'Malley");
> ps.execute();
>
> This will insert "O'Malley", properly escaped and all, into the database.
In
> addition, there's no parsing, no string building; if you're doing a lot of
> inserts, all you'd do is setString(1) over and over again, then re-execute
> (I'm ignoring batch updates, I know.)
>
> >No special reason expect ignorance :)
> >
> >As I mentioned, I am new to JSP. It would appear that I need to read a
> >little bit more...
> >
> >Thank you..
> >
> >Anil
> >
> >
> >On Fri, 2 Feb 2001, Joseph Ottinger wrote:
> >
> > > Is there any special reason you can't use a PreparedStatement, since
> >they
> > > handle escaping for you?
> > >
> > > >I understand that...Just don't want to do that manually :)
> > > >
> > > >Would rather use a replace function to to which I can feed in a
string
> >and
> > > >tell it to do the replace as you suggest. What I am looking for is
the
> > > >existance of such a function and some code samples that people have
> >used.
> > > >
> > > >Anil
> > > >
> > > >
> > > >On Fri, 2 Feb 2001, Chitra Muthukrishnan wrote:
> > > >
> > > > > Use double single quote .
> > > > > For example,
> > > > > if you want to insert ab'c, your insert statement will be like
this
> >:
> > > > >
> > > > > insert into tablename(field1) values(value1,'ab''c);
> > > > >
> > > > > M.Chitra
> > > > > www.3rdagenda.com
> > > > >
> > > > >
> > > > >
> > > > > ----- Original Message -----
> > > > > From: Anil John <[EMAIL PROTECTED]>
> > > > > To: <[EMAIL PROTECTED]>
> > > > > Sent: Friday, February 02, 2001 6:56 AM
> > > > > Subject: Escaping ' in a SQL INSERT
> > > > >
> > > > >
> > > > > > Greetings,
> > > > > >
> > > > > > I am new to JSP, so if this question has been asked and aswered
> > > >before,
> > > > > > please point me to the FAQ.
> > > > > >
> > > > > > If not, could someone provide a code sample of how you escape a
'
> >when
> > > > > > doing a SQL Insert in JSP?
> > > > > >
> > > > > > I am familiar with the VBScript replace function that would
allow
> >you
> > > >to
> > > > > > do this and am hoping that there is a corresponding JSP
function.
> > > > > >
> > > > > > Anil
> > > > > >
> > > > > > --
> > > > > > _______________________________________________________________
> > > > > > Anil John
> > > > > > [EMAIL PROTECTED] [PGP Key Available]
> > > > > >
> > > > > >
> > > > >
> > >
> >
>===========================================================================
> > > > > > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> > > > > JSP-INTEREST".
> > > > > > For digest: mailto [EMAIL PROTECTED] with body: "set
> >JSP-INTEREST
> > > > > DIGEST".
> > > > > > Some relevant FAQs on JSP/Servlets can be found at:
> > > > > >
> > > > > > http://java.sun.com/products/jsp/faq.html
> > > > > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> > > > > >
> > > > >
> > > > >
> > >
> >
>===========================================================================
> > > > > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> > > >JSP-INTEREST".
> > > > > For digest: mailto [EMAIL PROTECTED] with body: "set
> >JSP-INTEREST
> > > >DIGEST".
> > > > > Some relevant FAQs on JSP/Servlets can be found at:
> > > > >
> > > > > http://java.sun.com/products/jsp/faq.html
> > > > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> > > > >
> > > > >
> > > >
> > > >--
> > > >_______________________________________________________________
> > > >Anil John
> > > >[EMAIL PROTECTED] [PGP Key Available]
> > > >
> > >
> >
>===========================================================================
> > > >To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> > > >JSP-INTEREST".
> > > >For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
> > > >DIGEST".
> > > >Some relevant FAQs on JSP/Servlets can be found at:
> > > >
> > > > http://java.sun.com/products/jsp/faq.html
> > > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> > >
> > > _________________________________________________________________
> > > Get your FREE download of MSN Explorer at http://explorer.msn.com
> > >
> > >
> > >
> >
> >--
> >_______________________________________________________________
> >Anil John
> >[EMAIL PROTECTED] [PGP Key Available]
> >
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
>
--
_______________________________________________________________
Anil John
[EMAIL PROTECTED] [PGP Key Available]
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
