So what exactly is your setup?

----- Original Message -----
From: Stephen Casey <[EMAIL PROTECTED]>
Date: Wednesday, April 4, 2001 5:38 pm
Subject: Re: how to escape apostrophe

> I think you're wrong on this one. I've used PreparedStatements many many
> times for this exact problem and it works great. Check your
> implementation.
>
> "T.A. Flores" <[EMAIL PROTECTED]>
> Sent by: "A mailing list for discussion about Sun Microsystem's Java
> Servlet API Technology." <[EMAIL PROTECTED]>
> 04/04/01 04:05 PM
> Any replies will be addressed to: "A mailing list for discussion about
> Sun Microsystem's Java Servlet API Technology."
> To: [EMAIL PROTECTED]
> cc:
> Subject: Re: how to escape apostrophe
>
> I've personally done the prepared statement bit.  Not sure if it was my
> implementation, although I doubt it, but it didn't work to solve this
> type of problem.
>
> Now, I'm not saying not to use prepared statements; on the contrary.
> However, what I am saying is: escape that single quote before that string
> gets to the prepared statement.  Moreover, a prepared statement is only a
> parameterized statement - not a save all.  Since the original poster is
> potentially receiving single quotes in unknown quantities or locations,
> this works just fine.
>
> I've been known to be wrong on occasion, so if you still think I'm
> wrong - tell you what, just for grins and giggles, give it a try and
> let me know...
>
> IMHO - this has been the best way to solve this particular problem.
>
>
> ----- Original Message -----
> From: Dion Almaer <[EMAIL PROTECTED]>
> Date: Wednesday, April 4, 2001 4:07 pm
> Subject: Re: how to escape apostrophe
>
> > This code looks like there is an if () { do x } else { do x }.
> > Don't you want to do something other than just an append if the
> > char is '?
> >
> > To solve the problem at hand, I would just use a PreparedStatement,
> > using question marks for the bindings, and then set the value.  A '
> > will be safe then.
> > E.g.
> >
> >     PreparedStatement ps = conn.prepareStatement(
> >         "INSERT INTO NAME (NAME, ID) VALUES (?, ?)");
> >
> >     // Set parameters and run the statement.
> >     ps.setString(1, "Dion Almaer");
> >     ps.setInt(2, 1);
> >     ps.executeUpdate();
> >
> >     // Set parameters and run the statement again.
> >     ps.setString(1, "Tim O'reilly");
> >     ps.setInt(2, 2);
> >     ps.executeUpdate();
> >
> > Obviously, I am not doing any checking of the ps.executeUpdate(), or
> > closing the ps and conn as you would do.
> >
> > Dion
> >
> >
> >
> > > -----Original Message-----
> > > From: A mailing list for discussion about Sun Microsystem's Java
> > > Servlet API Technology. [mailto:[EMAIL PROTECTED]] On Behalf Of
> > > T.A. Flores
> > > Sent: Wednesday, April 04, 2001 4:02 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: how to escape apostrophe
> > >
> > >
> > > This question comes up very frequently - I posted code some time back
> > > that is a sure-fire fix to that problem -
> > >
> > >
> > > public String apQuote(String s) {
> > >     StringBuffer result = new StringBuffer();
> > >
> > >     for (int i = 0; i < s.length(); i++) {
> > >         char c = s.charAt(i);
> > >         if (c != 39) {  // 39 is the ASCII code for '
> > >             result.append(c);
> > >         } else {
> > >             result.append(c);
> > >         } // end if
> > >     }
> > >     String es = result.toString();
> > >     return es;
> > > }
> > >
> > >
> > > ----- Original Message -----
> > > From: Randy Troppmann <[EMAIL PROTECTED]>
> > > Date: Wednesday, April 4, 2001 2:22 pm
> > > Subject: how to escape apostrophe
> > >
> > > > Hello all,
> > > >
> > > > When I accept input from an HTML form, apostrophes (single quotes)
> > > > screw up my SQL query syntax. I tried to write a method that searched
> > > > the string and put an escape character in front, but this wouldn't
> > > > work for me. I ended up substituting the ' character with what I think
> > > > is an accent grave `.
> > > >
> > > > Does anyone have a better idea?
> > > >
> > > > Thanks!
> > > > Randy Troppmann

___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".

Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
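
Added example (not part of the original thread and not any poster's code): the three approaches discussed above, run against Python's built-in sqlite3 module as a stand-in for JDBC, since its ? placeholders play the role of the PreparedStatement bindings in Dion's message. The function names are constructed for illustration; the table and sample name come from the thread.

```python
import sqlite3

def make_db():
    """In-memory table shaped like the INSERT in the thread."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE NAME (NAME TEXT, ID INTEGER)")
    return conn

def insert_concatenated(conn, name, row_id):
    """SQL built by string concatenation: the value becomes part of the SQL text."""
    sql = ("INSERT INTO NAME (NAME, ID) VALUES ('" + name + "', "
           + str(int(row_id)) + ")")
    conn.execute(sql)

def insert_bound(conn, name, row_id):
    """Placeholders: the value is bound as data and never parsed as SQL."""
    conn.execute("INSERT INTO NAME (NAME, ID) VALUES (?, ?)", (name, row_id))

def escape_quotes(s):
    """Manual escaping: double every single quote (standard SQL literal rule)."""
    return s.replace("'", "''")

def stored_name(conn, row_id):
    row = conn.execute("SELECT NAME FROM NAME WHERE ID = ?", (row_id,)).fetchone()
    return row[0] if row else None

def demo():
    conn = make_db()
    name = "Tim O'reilly"  # sample value from the thread
    results = {}
    # 1. Raw concatenation: the apostrophe ends the literal early.
    try:
        insert_concatenated(conn, name, 1)
        results["concatenated"] = stored_name(conn, 1)
    except sqlite3.OperationalError as exc:
        results["concatenated"] = "error: " + str(exc)
    # 2. Bound parameter: stored exactly as supplied.
    insert_bound(conn, name, 2)
    results["bound"] = stored_name(conn, 2)
    # 3. Escaped first, then bound: the doubled quote is stored literally.
    insert_bound(conn, escape_quotes(name), 3)
    results["escaped_then_bound"] = stored_name(conn, 3)
    # 4. Escaped, then concatenated: the only case where escaping is needed.
    insert_concatenated(conn, escape_quotes(name), 4)
    results["escaped_then_concatenated"] = stored_name(conn, 4)
    conn.close()
    return results

if __name__ == "__main__":
    for label, value in demo().items():
        print(label, "->", value)
```

Case 3 stores Tim O''reilly with two apostrophes, so escaping a value before binding it alters the data; escaping only matters when the value is spliced into the SQL text, as in case 4.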
