Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to deal with single quote?

 
Renee Zhang
Ranch Hand
Posts: 72
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
By using PreparedStatement, I have no problem with insert and update. But when I am doing select, preparedstatement doesn't take care of '\'' for me.
For example, I have a sql statement.
String sqlStatement = " select * from mytable where text = 'Elenor's home'";
I am wondering besides replacing the '\'' with "''", is there any other ways to do it? Any idea will be helpful!
Thanks in advance!
 
Jamie Robertson
Ranch Hand
Posts: 1879
MySQL Database Suse
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Renee Zhang:
By using PreparedStatement, I have no problem with insert and update. But when I am doing select, preparedstatement doesn't take care of '\'' for me.
For example, I have a sql statement.
String sqlStatement = " select * from mytable where text = 'Elenor's home'";
I am wondering besides replacing the '\'' with "''", is there any other ways to do it? Any idea will be helpful!
Thanks in advance!

PreparedStatement only works if you use the setXXX() methods.
eg. --> this works:

Jamie
 
Renee Zhang
Ranch Hand
Posts: 72
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks a lot! Jamie!
I really apreciate your help!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic