Forums Register Login

Problem with quotes (escape characters)

+Pie Number of slices to send: Send
Hi friends!

This is my code::
String insertthis="This is a s'amp'le test";
String sql="insert into tableA values(insertthis)";
ResultSet rs=stmt.execSQL(sql);
The upperquotes in the text which im trying to insert is creating
problem.Can any one throw me some code to effectively use escape characters
i.e replacing the upperquotes with the the appropriate escape characters

Thanx in advance,
+Pie Number of slices to send: Send
Try
String sql="insert into tableA values('"+insertthis+"')";
+Pie Number of slices to send: Send
One word: PreparedStatement
+Pie Number of slices to send: Send
Thanx for all your replies
You have wrongly interpreted my question
String insertthis="This is a s'amp'le test";
String sql="insert into tableA values('"+insertthis+"')";
The query is fine.The actual problem is like this,
Since there theres some singlequotes(') in the text which im trying to insert
im getting sql exception.Now I want any one of you guys to tell me,how to escape the singlequotes(')

+Pie Number of slices to send: Send
have u tried implementing \' instead of directly applying those single quotes
+Pie Number of slices to send: Send
Or, repeating myself, have you tried using a PreparedStatement where you don't need to worry about it in the first place?
+Pie Number of slices to send: Send
Listen to the Bear. People often think that the only use for a PreparedStatement is when you're using the same query many times. However this is a good example of another case when you should consider using a PreparedStatement.
If you move between databases, you'll quickly find that some use single quotes for delimiters, some use double quotes, and other support either. Handling nested single and/or double quotes is tricky.
The other "hard" data type is the date or timestamp. Every database has a different format for how you specify the value.
If you use a PreparedStatement, you don't have to worry about what delimiters are used with character data, what escape character should be used with quotes [or other special characters], or what format your date or time needs to be in. The drivers handle that auto-magically. And your code becomes much more portable between different databases.
+Pie Number of slices to send: Send
Thanx for Bear ,William and every one,
This is the code I tried,
String psql="insert into labgeneral (labgeneral_labid,labgeneral_slogan,labgeneral_logo,labgeneral_image,labgeneral_imagetext,labgeneral_para1,labgeneral_para2)"+
"values(?,?,?,?,?,?,?)";
out.println(psql);
PreparedStatement pstmt=con.prepareStatement(psql);
int labidi=Integer.parseInt(labid);
pstmt.setInt(1,labidi);
pstmt.setString(2,T1);
pstmt.setString(3,logoname);
pstmt.setString(4,imagename);
pstmt.setString(5,T2);
pstmt.setString(6,S1);
pstmt.setString(7,S2);
pstmt.executeUpdate();
I am able to insert the string with quotes sucessfully,but while retriving im not getting that upper quotes,insted I get some symbol [] like this in the place of quotes.How to overcome this?
It's hard to fight evil. The little things, like a nice sandwich, really helps. Right tiny ad?
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com


reply
reply
This thread has been viewed 914 times.
Similar Threads
how to listen for char ' and "?
SQLException: ORA-00911: invalid character
Simple mdb connection Error
special charcter in oracle urgent
Problem with single quote
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 29, 2024 08:16:46.