Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Inserting data which contains quote from Java Program

 
Suresh Kanagalingam
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,
I am writing a Java program which needs to insert names, which may contain commas, single quotes (') and so on. Currently I have a line which states as follows:
"INSERT INTO TBNAMES VALUS ('clientNumber', 'name');"
It is throwing an error when the name contains a single quote (ORA-00917 : missing comma)
Then I changed the code as follows:
"INSERT INTO TBNAMES VALUS (:clientNumber, :name);"
Now it complains that not all variables defined (ORA-01008 : Not all variables defined).
Can any one shead some light on this?
Thanks
Suresh
 
Dave Vick
Ranch Hand
Posts: 3244
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Suresh
The best place to find an answer for this question would be the JDBC forum search page .
Here's a hint - preparedStatement.
 
Suresh Kanagalingam
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Will check JDBC forum.
Thank You
Suresh
 
Jamie Robertson
Ranch Hand
Posts: 1879
MySQL Database Suse
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
are you using a PreparedStatement? Other wise, if you encounter a customer with the name O'Neil, your statement will be incorrect. You can correct the statement by escaping all special characters in a method you call for every value, or just use PreparedStatement and it will take care of it for you.
If you post the actual offending code (your queries that you posted don't make much sense) , it would be easier to tell you exactly what is wrong.
about your query:
you posted "INSERT INTO TBNAMES VALUS ('clientNumber', 'name');". If this is what you have in your program you should change it to:
"INSERT INTO TBNAMES VALUES('" + clientNumber + "', '" + name + "')" if clientNumber and name are variables. Also, leave out the semi-colon at the end.

Jamie
[ January 26, 2002: Message edited by: Jamie Robertson ]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic