
apostrophe problem in JSTL SQL SELECT query

 
Bhagyashri Chaudhari
Greenhorn
Posts: 8
I want to fetch data from the product table where Cat_Name=Kid's Clothing

but it is not fetching the data for Kid's Clothing because it contains a single quote. I have found the solution for that, i.e. the replace function to escape the single quote, but it is still not working.

Here is my JSTL code:





Kindly suggest the answer.

Thank you.

 
K. Tsang
Bartender
Posts: 3604
You need to use \\ to escape special characters.

 
Bhagyashri Chaudhari
Greenhorn
Posts: 8
Yes. I used that but that was also not working.

Fine, I have got the solution.

I just replaced this code




with

this one














 
Dave Tolls
Ranch Hand
Posts: 2270
Putting aside that the query tag shouldn't really be used outside of prototyping, you should be using the <sql:param> tag to bind the cat variable, so using it as a PreparedStatement.
At the moment you have something that is prone to SQL injection.
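
The bound-parameter form suggested in the last reply, as an added example that is not code from the original thread. The `product` table, the `Cat_Name` column and the `cat` variable come from the posts; the `jdbc/shop` data source name and the `cat` request parameter are assumptions, and the concatenated query shown in the comment is constructed for contrast.

```jsp
<%@ taglib prefix="c"   uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql" %>

<%-- Assumption: the category arrives as a request parameter named "cat",
     e.g. Kid's Clothing, and jdbc/shop is a configured JNDI DataSource. --%>
<c:set var="cat" value="${param.cat}" />

<%-- Constructed "before" form, kept commented out.
     The value is spliced into the SQL text, so the apostrophe in
     Kid's Clothing closes the string literal early and the statement
     no longer parses. The same splice is what makes the query
     injectable, and escaping with replace() only hides the symptom.

<sql:query var="products" dataSource="jdbc/shop">
  SELECT * FROM product WHERE Cat_Name = '${cat}'
</sql:query>
--%>

<%-- Bound form: the SQL text contains only a ? placeholder.
     <sql:param> passes the value through PreparedStatement binding,
     so the driver never parses it as SQL and no quote escaping is needed. --%>
<sql:query var="products" dataSource="jdbc/shop">
  SELECT * FROM product WHERE Cat_Name = ?
  <sql:param value="${cat}" />
</sql:query>

<%-- c:out HTML-escapes each value, so data read back from the table
     cannot inject markup into the page. --%>
<ul>
  <c:forEach var="row" items="${products.rows}">
    <li><c:out value="${row.Cat_Name}" /></li>
  </c:forEach>
</ul>
<c:if test="${products.rowCount == 0}">
  <p>No products found for <c:out value="${cat}" />.</p>
</c:if>
```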
 