• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to parse hyphen in form post?

 
Chuan Ren
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am doing a form post to get a description input from user.

I am using Oracle database. When the data entered consist of ', (, ) it will break the sql Statement. What can I do to solve this problem?
Thank you.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64623
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not a JSP question, so I'm moving this along to the JDBC forum.
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34074
337
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Chuan,
You can either escape the special characters (like single quote) with a backslash or use a prepared statement. I recommend the prepared statement because it takes care of these details for you.
 
Chuan Ren
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am learning this from Mastering JSP chapter 13 which uses the connection manager bean. The sample code from the book is such:

The code seems tidy from a JSP page. however if it's a form post, and the l_username contains hyphen or ' or ), the sql statement breaks. How do I incorporate prepare statement in the above situation?
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34074
337
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sun's short course has a good example. Just scroll down to the section on prepared statements.
Since the example was from a book on JSPs, the author was probably trying to explain how to do a query in the most basic way than to provide an extremely robust solution.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic