wood burning stoves 2.0*
The moose likes JDBC and the fly likes Sniffing out apostrophe's in SQL Server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Databases » JDBC
Bookmark "Sniffing out apostrophe Watch "Sniffing out apostrophe New topic
Author

Sniffing out apostrophe's in SQL Server

Val Pecaoco
Ranch Hand

Joined: Dec 05, 2001
Posts: 156
Hi Ranchers,
I came up with the following code that sniffs out any apostrophe's occuring in data that is to be inserted/updated to an SQL Server table:

The problem is that I have some misgivings with the above code about being slow or not being fully optimized. Any ideas?
I'm still using JDK 1.3.1 - would regular expressions in JDK 1.4 help a lot?
Thanks in advance for your opinions.
Ex Animo Java!
-- Val
[ May 09, 2002: Message edited by: Val Pecaoco ]

"Knowledge is power, but enthusiasm is the key." -- Lavern Barn
mustang india
Ranch Hand

Joined: Feb 05, 2002
Posts: 60
Why cant we use just this
String s = "This is ''' my string";
System.out.println(s);
s = s.replace('\'', '\"');
System.out.println(s);1
This prints out
This is ''' my string and
This is """ my string
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

I've been put on record before, and I still say (even though it isn't the strict purpose) to use PreparedStatements.
Instead of trying to figure out what needs escaping and how to escape it, make it the responsibility of the Driver.
Dave
Val Pecaoco
Ranch Hand

Joined: Dec 05, 2001
Posts: 156
Hi mustang,
Originally posted by mustang india:
Why cant we use just this
String s = "This is ''' my string";
System.out.println(s);
s = s.replace('\'', '\"');
System.out.println(s);1
This prints out
This is ''' my string and
This is """ my string

But the string that will be stored in the database will be "This is """ my string", and not the original "This is ''' my string".
What my code did was to replace a single apostrophe with two, which, to a certain effect, the first apostrophe is a sort of escape character that tells SQL Server to accept the second apostrophe as data. I used the replace() method in StringBuffer because the replace() method in String can only replace a character with another single character, and '' obviously counts as two (which, formally, makes '' a String).
[ May 09, 2002: Message edited by: Val Pecaoco ]
mustang india
Ranch Hand

Joined: Feb 05, 2002
Posts: 60
What I had given is just an eample, u can replace any number of single quotes with double quotes
when u say
s = s.replace('\'', '\"');
This will replace all occurences of ' with ".
Yeah u can use this with StringBuffer as well.
Regards,
Mustang.
Jamie Robertson
Ranch Hand

Joined: Jul 09, 2001
Posts: 1879

Val, you create a lot of temporary strings in your code. Each substring method returns a new temporary string. A better way may be to convert the string to a char array like this:

That should cut down on the number temporary String objects created.
Ex Animo Java!
Jamie
[ May 13, 2002: Message edited by: Jamie Robertson ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Sniffing out apostrophe's in SQL Server
 
Similar Threads
request.getParameter in struts2
Problem in generating the Primary Key using a Sequence
4 choices on a lottery page
cant/wont clear the counter out
Replace a char in a String