Your "database" code looks a little odd. It seems more like you're using a
CSV file than a real database, except that you're using JDBC to access it.
Is there a reason you're combining everything into one database column,
instead of having a column for each value?
In any case, the way to avoid the type of quoting problem you're seeing is
to use prepared statements (java.sql.PreparedStatement) instead of building
the string yourself.
--
Martin Cooper
Tumbleweed Communications
----- Original Message -----
From: "Jennifer Feeney" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, February 08, 2001 5:56 PM
Subject: Servlet Bug!!
> Hi all,
>
> Once again, thanks to anyone that can offer any help or advise on
> this one!
>
> I have found a bug in my servlet......
>
> Description:
> ========================================================
> I have a servlet developed that allows users to register for
> a service, it all works great, except for one thing, if a person
> enters a Surname of the O'Rourke, O'Reilly, type I get the following
> message........
>
> java.sql>SQLException:Syntax Error(Missing Operator) in expression
> Query.
>
> I know what causes the error, its the " ' " character that messes
> up my InsertIntoDB query......
>
> The code snippet below is what I am using, can anyone tell me how i
> could modify it to allow surnames of this type to be accepted and not
> generate an error.
>
> Code Snippet:
> ================================================================
>
> boolean success = insertIntoDB(
> "'" + email + "','" + firstName + "','" + lastName + "','" +
> telNo + "','" + address1 + "','" + address2 +
> "','" + county + "','" + country + "','" +
> (String.valueOf(IdNo)) + "','" + password + "'");
> ================================================================
> End Code:
>
> Ps I tried the archives, but the server is down.....
>
> Thanks again to anyone that may be able to help.
>
> Regards,
> Jennifer
>
> _____________________________________
>
> Get your free E-mail at http://www.ireland.com
>
>
___________________________________________________________________________
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
