This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
When I use query- "INSERT INTO tab_name VALUES(param1,param2)" and passes email as parameter it shows syntax error at char "@"... why? I know that this can be solved by using PreparedStatement... but if I wants to use same query..how to do it?
Wendy Gibbons wrote:oh you think he had missed the quotes and it was trying to use them as column names
Yeah, this commonly happens when people don't use PreparedStatement and try to build their SQL via string concatenation. Which is why you should always use PreparedStatement unless there's an extremely good reason why you can't.
Joined: Feb 05, 2012
Oh yah..I got it...sorry for my stupidity...
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com