RE: far reaching db question

[Jos� Gustavo Zagato]

Follow something like this :

public static String transformDatabaseStatement(String statement) {
                String sqlStatement = "";
                if (statement.indexOf("'") > 0) {
                        sqlStatement = statement.replaceAll("'", "''");
                } else {
                        sqlStatement = statement;
                }
                return sqlStatement;
        }

Then call this method when passing your values to your insert method.

  Jos� Gustavo Zagato Rosa
System Analyst - Atos Origin
[EMAIL PROTECTED]


-----Original Message-----
From: Manuel Lenz [mailto:[EMAIL PROTECTED] 
Sent: sexta-feira, 24 de outubro de 2003 11:43
To: Struts Users Mailing List
Subject: far reaching db question






I create DB-Inserts from my struts application.
But If an user types in the sign ' any dynamicly created inserts fail.
This ist because of the sql-syntax which divides the string which will
be
saved with '.

For example: insert into table test (name, number) values ('mr burns',
'01723256477');

How can I handle inserts in html-formulars which have the typed sign ' ?

Greetings,
Manuel



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]