Re: Strings in SQL

Mon, 28 Jun 1999 13:20:45 -0700 

Personally, I think there's an easier way that won't cause you to rewrite a lot
of code.

Use prepared statements! Then, replace the ? parameters with the values from
getParameter(). JDBC will take care of the single-quotes without you having to
worry about them.


jon * wrote:

> > I hope someone could help me out. I've encountered a problem using strings
> > to prepare the SQL statements before executing it. I've noticed that the
> > database can't interpret the SQL statement if one of my users use an
> > apostrophy ( ' ) in one of the fields of that SQL statement.
> >
> > Seems that I have to append another aposthrophy after the first one so that
> > it could work. So, I've been thinking of a way of replacing the particular
> > character but the replace method under the Strings could only replace one
> > character for one character. Is there any way of replacing a character like
> > the apostrophy with a group of characters like ( '' ) so that it could get
> > executed?
> >
> > Or is there another way around this problem? Your help would be much
> > appreciated. Till then.
>
> Use village or town...
>
> <http://www.working-dogs.com/village/>
> <http://www.working-dogs.com/town/>
>
> Here is an example:
>
> TableDataSet tds = new TableDataSet ( connection, "table_name", new
> KeyDef().addAttrib("key_column_name"))
> Record rec = tds.addRecord();
> rec.setValue ("column_name", "'");
> rec.save();
> tds.close();
>
> It's easy. It's fast. It works.
>
> -jon
>
> ___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html

Reply via email to