The JDBC PreparedStatement class is able to escape parameters (in a database specific way) with the setString(parameterIndex, string) method, but it's designed for hard-coded insert/update queries.
I use a custom function to generate queries that updates only fields that need to be updated, so I can't use PreparedStatement (unless I make my code hard to read/modify). The setString() method must be calling a MySQL specific escape function internally, but I don't know if there's something in JDBC to call that function directly or of it is private. Any ideas?
Joshua J. Kugler wrote:
Are you using a high level library such as Perl::DBI? If so, you should run all your strings the quote method. That will quote it properly for each database you connect to. If you are connecting to all the databases yourself using custom code, I would recommend you find some database neutral libraries and go from there.
j----- k-----
On Thursday 08 April 2004 01:37 pm, Christos Karras said something like:
Is there a way to disable the use of the backslash as an escape character in strings? I need to use an application that's designed to work on any database server supporting ANSI SQL. When it generates SQL insert/update queries, it doesn't escape backslashes in strings, because the ANSI SQL standard doesn't require backslashes to be escaped.
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
