No chance you could advocate the use of PreparedStatement, to eliminate the
need to escape the data at all, is there?
After all, st.executeQuery("select * from tablename where
field="+SQLUtil.escapeText(fielddata)); can be slower and less correct than
relying on the driver to handle proper escaping (if necessary) for a given
database.
No need to mention something like
PreparedStatement ps=con.prepareStatement("select * from tablename where
field=?");
ps.setString(1, fielddata);
Oh - wait, I just mentioned it!
More seriously: you really should use PreparedStatements over the
alternatives, in all but the most simple cases. Really and truly.
>From: T A Flores <[EMAIL PROTECTED]>
>Reply-To: A mailing list about Java Server Pages specification and
> reference <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: Problem in inserting data into Oracle
>Date: Wed, 21 Mar 2001 05:50:45 -0800
>
>You need to append a second single quote - it's not an Oracle thing,
>but rather, a DB thing. Try the following - take note it will not
>matter where the single quote is it will append another to it.
>
>public String apQuote(String s ) {
>StringBuffer result = new StringBuffer();
>
>for (int i=0;i<s.length();i++) {
>char c = s.charAt(i);
>if (c!=39){ result.append(c);
> }else{
> result.append(c);
>} //end if
> }
>es = result.toString( );
>return es;
>}
>
>----- Original Message -----
>From: "R.Muthukumar" <[EMAIL PROTECTED]>
>Date: Wednesday, March 21, 2001 4:22 am
>Subject: Problem in inserting data into Oracle
>
> > Hi!
> > From the Jsp page, I am trying to update a record in oracle .
> > Since oracle
> > doesn't allow to enter values like the string given below...
> > This is the string with check's and result's.
> > I have to convert the single quotes into double quotes and
> > insert..? Can
> > anyone throw some light on how to go about that?
> > Thanks in advance..
> > Muthu
> >
> >
>========================================================================
>===
> > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> > JSP-INTEREST".
> > For digest: mailto [EMAIL PROTECTED] with body: "set JSP-
> > INTEREST DIGEST".
> > Some relevant FAQs on JSP/Servlets can be found at:
> >
> > http://java.sun.com/products/jsp/faq.html
> > http://www.esperanto.org.nz/jsp/jspfaq.html
> > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> >
>
>===========================================================================
>To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
>JSP-INTEREST".
>For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
>DIGEST".
>Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
