handling ' and " in a Prepared Statement
Hi,
I am using a prepared statement (WebLogic Portal Server having JDBC communication with MS SQL server)
I HAVE to pass a string like '"*ABC*"'
i.e. <single quote><double quote>*ABC<double quote><single quote>
If i hard code this value within the prepared statement it works.
If i try to pass it as argument it fails.
In my case the user may submit any string value in the place of ABC
Kindly advise
regards
-Ramudu
[503 byte] By [
Ramudua] at [2007-11-27 4:01:57]
# 1
You're probably trying to include the quotes in the prepared statement and pass the ABC as the text to substitute for the question mark. It doesn't really work like that. It's all or nothing. Create your parameter like this:
public String quoteWrapper(final String unwrappedParameter) {
return "'\"*"+unwrappedParameter+"*\"'";
}
# 2
Hi,
Thanks for the reply.
I have enabled the tracing in the weblogic JDBC connection part.
With that i am able to see the correct string is passed.
However it does not work.
i.e. '"*ABC*"' hardcoded within the prepared statement works. But passing the string does not work.
Any idea what is happening.
regards
-Ramudu
