Aaron Porter wrote:
> That's interesting. I thought most DBMS's supported prepared statements.
> Assuming that they do, the JDBC driver should just provide a thin wrapper
> for them. I don't know how else you would support methods like
> setBinaryStream() (maybe I should look at Mark's source :-).
>
> Thanks for pointing that out!
> Aaron
>
Filtering out the quotes doesn't prevent you from taking advantage of server
side prepared statements. It justs gets done before the parameter is sent
over to the DBMS to fill in the placeholder. You still get all the benefits
of server-side pre-parsing provided by the underlying DBMS.
By the way, the MySQL driver I referred to can be downloaded from:
http://www.worldserver.com/mm.mysql
Craig McClanahan
>
> >
> > Just for one example, check out the source code for Mark
> > Matthews's *excellent*
> > JDBC driver for MySQL. In the PreparedStatement.setString()
> > class, he very
> > carefully scans for delimiters that will cause problems, and
> > escapes them the
> > way that MySQL wants them.
> >
> > I (obviously) don't have the source, but my experience is
> > that Oracle's JDBC
> > driver does this as well.
> >
> >
> > >
> > > Aaron
> > >
> >
> > Craig
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
