
Problem with String functions

 
Shweta Grewal
Ranch Hand
Posts: 39
I wrote the following code:


I get result:
select * from SbiDomains where valueCd = 1234 and domainCd = ? and name=Report?

desired result is:
select * from SbiDomains where valueCd = 1234 and domainCd =1568 and name=Report

What am I doing wrong?

 
John Jai
Rancher
Posts: 1776

replaceAll() takes a regex input and I think it fails since '?' has a special meaning in regex. Modify it to replace() or instead of '?' use symbols like '#' to make it work with replaceAll().
 
Eshwin Sukhdeve
Ranch Hand
Posts: 90
Use this code.

 
John Jai
Rancher
Posts: 1776
Eshwin,

Please UseCodeTags. You can edit your post and add code tags.
 
Eshwin Sukhdeve
Ranch Hand
Posts: 90
OK.
 
Jesper de Jong
Java Cowboy
Sheriff
Posts: 16060
  • Likes 2
It looks like you are building an SQL statement.

You shouldn't use string concatenation etc. to build an SQL statement at all. This makes your program vulnerable to security problems such as SQL injection. Instead, you should use a PreparedStatement. It will handle filling in the parameters for the statement for you, and escape values properly to prevent SQL injection.

For example:
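Added example, not part of the original post or thread: the query from the first post written with `PreparedStatement`, next to the spliced string for comparison. The class and method names, the column types (two integers and a string), and the JDBC URL passed as the first argument (with a matching driver on the classpath) are assumptions.

```java
import java.sql.*;

public class SbiDomainsLookup {
    // The ? markers stay in the SQL text; the driver binds values separately,
    // so a value cannot change the structure of the statement.
    static final String QUERY =
        "select * from SbiDomains where valueCd = ? and domainCd = ? and name = ?";

    // The pattern the thread warns against, kept only for comparison.
    static String spliced(int valueCd, int domainCd, String name) {
        return "select * from SbiDomains where valueCd = " + valueCd
             + " and domainCd = " + domainCd + " and name = '" + name + "'";
    }

    static int countRows(Connection conn, int valueCd, int domainCd, String name)
            throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(QUERY)) {
            ps.setInt(1, valueCd);      // JDBC parameter indexes start at 1
            ps.setInt(2, domainCd);
            ps.setString(3, name);      // bound as data, quotes included
            try (ResultSet rs = ps.executeQuery()) {
                int rows = 0;
                while (rs.next()) rows++;
                return rows;
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        String name = "Year's Report";  // constructed value containing a quote
        // Spliced text: the quote inside the value ends the SQL literal early.
        System.out.println(spliced(1234, 1568, name));
        if (args.length == 0) return;   // no JDBC URL given: stop after the comparison
        try (Connection conn = DriverManager.getConnection(args[0]);
             Statement ddl = conn.createStatement()) {
            // Assumed schema, created here so the example needs no existing data.
            ddl.execute("create table SbiDomains (valueCd int, domainCd int, name varchar(100))");
            try (PreparedStatement ins = conn.prepareStatement(
                    "insert into SbiDomains (valueCd, domainCd, name) values (?, ?, ?)")) {
                ins.setInt(1, 1234); ins.setInt(2, 1568); ins.setString(3, name);
                ins.executeUpdate();
            }
            System.out.println(countRows(conn, 1234, 1568, name));
            System.out.println(countRows(conn, 1234, 1568, "Report"));
        }
    }
}
```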

 
Shweta Grewal
Ranch Hand
Posts: 39
Thanks all.
The problem is solved.
 