
Escaping Characters in SQL Queries

 
Tapan Parikh
Greenhorn
Posts: 26

I'm trying to figure out how I can escape special characters in string constants in my SQL query.
Is there any utility function I can use to do this? In the lack of this, does anyone have any idea of the list of chars that need to be escaped (I know ' and % for instance) and their escape sequences, so that I can write one myself?
I am connecting to an ACCESS DB using Sun's JDBCODBC Bridge.
(BTW, right now I am somewhat regretting this decision and wishing I had gone w/ ADO instead, because of this and other char encoding issues... Just a little 2 cents)
Best, Tap
 
Jamie Robertson
Ranch Hand
Posts: 1879
The best idea that I have seen come from this discussion in previous postings is to use the PreparedStatement. This way, you do not have to worry about special characters. Special characters are dependent on which database vendor you use, which does not make your code portable. Have you tried the PreparedStatement instead of the Statement?
Jamie
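
The PreparedStatement approach suggested above, as an added example that is not code from any poster in this thread: a bound parameter carries `'` as plain data, while `%` (and `_`) remain wildcards inside a `LIKE` pattern and still need escaping there. The `customers` table, its `name` column, the `!` escape character and the JDBC URL passed as the first argument are assumptions, and the `LIKE ... ESCAPE` clause is standard SQL that not every database or driver accepts.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class BoundParameterDemo {

    // Binding already makes ' harmless, but % and _ are still wildcards
    // when the bound value is used as a LIKE pattern. Prefix them (and the
    // escape character itself) so the value is matched literally.
    static String escapeLike(String value, char esc) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (char c : value.toCharArray()) {
            if (c == esc || c == '%' || c == '_') {
                out.append(esc);
            }
            out.append(c);
        }
        return out.toString();
    }

    // Exact match: the value is sent as data and never spliced into the SQL text.
    static boolean exists(Connection conn, String name) throws SQLException {
        String sql = "SELECT 1 FROM customers WHERE name = ?"; // hypothetical table
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        }
    }

    // Substring match: only the surrounding % added here act as wildcards.
    static int countContaining(Connection conn, String fragment) throws SQLException {
        String sql = "SELECT COUNT(*) FROM customers WHERE name LIKE ? ESCAPE '!'";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, "%" + escapeLike(fragment, '!') + "%");
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getInt(1) : 0;
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        System.out.println(escapeLike("100%_off!", '!')); // constructed sample value
        if (args.length == 0) return; // args[0]: JDBC URL of a test database (assumption)
        try (Connection conn = DriverManager.getConnection(args[0])) {
            System.out.println(exists(conn, "O'Brien"));
            System.out.println(countContaining(conn, "100%"));
        }
    }
}
```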
 
Tapan Parikh
Greenhorn
Posts: 26

I don't think Java's JDBCODBC Bridge supports auto-escaping of chars in conn.prepareStatement. It just fires an exception when the query contains invalid chars...
 
Jamie Robertson
Ranch Hand
Posts: 1879
Here is a static method that I used before the PreparedStatement. The escape character in Oracle for ' was adding another single quote (''). You should replace the escape values with those from your database documentation.

I included the main method in it so you can see it run.
Hope this helps,
Jamie
 