This week's book giveaway is in the Cloud/Virtualizaton forum.
We're giving away four copies of Mesos in Action and have Roger Ignazio on-line!
See this thread for details.
Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

how to deal with the special character in java and oracle!!!

 
Geoffrey Ren
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
when I got the user inputting. For example, user input the value "test's"/"test&s"/"test\s". How to insert the value into oracle DB by jdbc.
Thanks for you reply!
 
Jamie Robertson
Ranch Hand
Posts: 1879
MySQL Database Suse
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
PreparedStatement will do the escaping for you:

either that or do a loop and escape every "bad" character in the string. The choice is usually PreparedStatement.
Jamie
 
Peter den Haan
author
Ranch Hand
Posts: 3252
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Anything other than a PreparedStatement is madness. This becomes even clearer when you start to consider things like date formats. Ok, so you could use ANSI SQL escape syntax -- hands up everyone who can write down a date literal using escape syntax without consulting some kind of reference! And now hands up those who'd never heard of this syntax before... Thought so.
- Peter
 
Surendran Velath
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use a Statement also
stmt.executeUpdate("test''s"/"test&s"/"test\s");
only remember that a single quote needs an additional single quote
test''s
all other characters are accepted directly
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic