how to insert a string containing a single quote to the msql database? help

how can i insert a string which contains a single quote in to database... anyone help

Message was edited by:

sijo_james

[139 byte] By [sijo_jamesa] at [2007-11-27 11:33:16]

«« Modifying code so that JCheckBox can be used instead of JComboBox
»» how to handle multiple key press in numeric keys

# 1

By using PreparedStatement.

BalusCa at 2007-7-29 16:50:19 >

top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...

# 2

How I got this solved for myself is to write a sqlEscape() function. This function takes a string, and returns a SQL Safe string. The number of characters you want to escape would depend on your dataset and database. This page explains the escaping required for MySQL : http://dev.mysql.com/doc/refman/5.0/en/string-syntax.html.

HTH.

mADHURtANWANIa at 2007-7-29 16:50:19 >

# 3

Absolutely, Positively use a PreparedStatement. Do not use sqlEscape() function unless you have some overriding need (and I don't know what that could possibly be).

There are 1000's of posts on the positive aspects of using a PreparedStatement rather than using a Statement. The two primary positive attributes of using a PreparedStatement are automatic escaping of Strings and a stronger security model for your application.

WorkForFooda at 2007-7-29 16:50:19 >

# 4

You have to escape single quotes with a single quote in SQL.

I'll be back

I''ll be back

isc049a at 2007-7-29 16:50:19 >

Database Connectivity

Java Database Connectivity (JDBC)

Java Database Connectivity (JDBC)

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

how to insert a string containing a single quote to the msql database? help

Database Connectivity Hot Topic

Database Connectivity

All Classified