7 messages in com.mysql.lists.javaRe: something that does the same as p...| From | Sent On | Attachments |
|---|---|---|
| Lance Kenneth Shade Titchkosky | 17 Feb 2000 06:51 | |
| Bob Carnahan | 17 Feb 2000 07:31 | |
| Mark Matthews | 17 Feb 2000 07:52 | |
| Thomas Malmberg | 17 Feb 2000 12:43 | |
| Jitendra Pradhan | 17 Feb 2000 13:10 | |
| Lance Titchkosky | 17 Feb 2000 13:45 | |
| Thomas Malmberg | 17 Feb 2000 22:07 |
| Subject: | Re: something that does the same as perl $dbh->quote()? |
|---|---|
| From: | Mark Matthews (mmat...@thematthews.org) |
| Date: | 02/17/2000 07:52:06 AM |
| List: | com.mysql.lists.java |
If you use PreparedStatements, they will handle all of the quoting/escaping for you.
-Mark (author of MM.MySQL)
----- Original Message ----- From: "Bob Carnahan" <bdca...@hi-net.ne.jp> To: "Lance Kenneth Shade Titchkosky" <lkst...@ucalgary.ca> Cc: <ja...@lists.mysql.com> Sent: Thursday, February 17, 2000 9:32 AM Subject: Re: something that does the same as perl $dbh->quote()?
I use sybase and jconnect and place double quotes around my strings I'm inserting into the sybase database. I modified method I use looks like the following which will place a double quote (") around double quotes within a string that can be sent over via an insert. This works fine for my requirement. This is just a quick sample I threw together just as a test:
public class sqlparse { public static void main(String args[]) { String strTest = "This contains \"double \"quotes\"" + " that need to be fixed.";
System.out.println("\nParsed string: " + parseQuotes(strTest)); }
public static String parseQuotes(String strQuotes) { StringBuffer strBuffer = new StringBuffer(strQuotes);
for(int i=0; i < strBuffer.length(); i++) { if(strBuffer.charAt(i) == '"') { strBuffer.insert(i, '"'); i++; } } return strBuffer.toString(); } }
Bob Carnahan
Lance Kenneth Shade Titchkosky wrote:
Hi there,
I'm starting to move away from a perl cgi app (that talks to a mysql db)
to using a servlet. I am wondering if there is something in java equivalent to the perl $dbh-?quote(USER INPUTTED STRING); For those of you who are not familiar with perls quote() it basically takes a string and escapes any reserved SQL characters and puts single quotes around the string. This could easily be done with a couple regex's but I would need to know what are all the reserved characters for SQL(I know ' and , are but what else)? Alternatively there may be a method that does this already, if so what is it?
Thanks,
Lance
--
Bob Carnahan (http://www.hi-net.ne.jp/~bdcarna) bdca...@hi-net.ne.jp
--------------------------------------------------------------------- Please check "http://www.mysql.com/Manual_chapter/manual_toc.html" before posting. To request this thread, e-mail java...@lists.mysql.com
To unsubscribe, send a message to the address shown in the List-Unsubscribe header of this message. If you cannot see it, e-mail java...@lists.mysql.com instead.