Re: Possible addition to StringUtils

2001-12-11 Thread Fredrik Lindgren
Well, it should escape & in both #PCDATA and attributes. Entity references are allowed in both places. /Fredrik Lindgren > XmlUtils takes care of this. Although there is no unescapeXml method and > it only handles < > and &. Plus it's not smart about attributes. It will > escape both the & in:

Re: Possible addition to StringUtils

2001-12-11 Thread Chad Johnson
- Original Message - From: <[EMAIL PROTECTED]> To: "Jakarta Commons Developers List" <[EMAIL PROTECTED]> Sent: Tuesday, December 11, 2001 7:22 AM Subject: Re: Possible addition to StringUtils > So now we have: > > escape(String target, Map replacement

RE: Possible addition to StringUtils

2001-12-11 Thread Laird J. Nelson
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > I suggest we wait to see your method when you submit it and see if it > satisifies Chad's requirements. Or at least, see if we can > change it from > Writer to String and see if that works :) Righto; I'm on it. Y

Re: Possible addition to StringUtils

2001-12-11 Thread bayard
On Tue, 11 Dec 2001, Chad Johnson wrote: > > Respectfully disagree. If someone calls the escape method on a string, > > and wants, say, single quotes escaped, then all single quotes in the > > string, period, should be escaped. But then I tend to think > After running an example through my

Re: Possible addition to StringUtils

2001-12-11 Thread bayard
> Has anyone thought of the requirements for HTML strings? > > " => " => " > & => & => & > < => <=> < > > => >=> > XmlUtils takes care of this. Although there is no unescapeXml method and it only handles < > and &. Plus it's not

Re: Possible addition to StringUtils

2001-12-11 Thread Michael Davey - Senior Support Engineer
Chad wrote: > Hmm, > After running an example through my head of getting input that is > quoted, I'd have to agree. If I got the string "bob''s" as input I'd want > to get it escaped to "bobs" so I could get it properly unescaped back > to its original form. That line of thinking takes m

Re: Possible addition to StringUtils

2001-12-10 Thread Chad Johnson
- Original Message - From: "Laird J. Nelson" <[EMAIL PROTECTED]> To: "Jakarta Commons Developers List" <[EMAIL PROTECTED]> Sent: Monday, December 10, 2001 9:00 PM Subject: RE: Possible addition to StringUtils > Respectfully disagree. If someone calls t

Re: Possible addition to StringUtils

2001-12-10 Thread Chad Johnson
cter A. A = {"'", "t", 'b'} B = {"'","\","\"} -Chad Johnson - Original Message - From: <[EMAIL PROTECTED]> To: "Jakarta Commons Developers List" <[EMAIL PROTECTED]> Sent: Monday, Decem

Re: Possible addition to StringUtils

2001-12-10 Thread bayard
ar to replace() > except it would need to check if the character in question is already > escaped. > > > -Chad Johnson > > - Original Message - > From: "Scott Sanders" <[EMAIL PROTECTED]> > To: "'Jakarta Commons Developers List'"

Re: Possible addition to StringUtils

2001-12-10 Thread Chad Johnson
escaped. -Chad Johnson - Original Message - From: "Scott Sanders" <[EMAIL PROTECTED]> To: "'Jakarta Commons Developers List'" <[EMAIL PROTECTED]> Sent: Monday, December 10, 2001 2:11 PM Subject: RE: Possible addition to StringUtils > Would it n

RE: Possible addition to StringUtils

2001-12-10 Thread bayard
It would be great to have a look at them Laird. Looking forward to it, Bay On Mon, 10 Dec 2001, Laird Nelson wrote: > Scott Sanders wrote: > > Would it not be useful to have a generic string escaper, > > that says for character x in a string, escape it with y? > > (I've been lurking for a wh

RE: Possible addition to StringUtils

2001-12-10 Thread henri
e: > Or perhaps one would just use RegExp or Oro? :) > > Scott > > > -Original Message- > > From: Scott Sanders [mailto:[EMAIL PROTECTED]] > > Sent: Monday, December 10, 2001 12:12 PM > > To: 'Jakarta Commons Developers List' > > Subject: RE

RE: Possible addition to StringUtils

2001-12-10 Thread Laird Nelson
Scott Sanders wrote: > Would it not be useful to have a generic string escaper, > that says for character x in a string, escape it with y? (I've been lurking for a while; this prompted me to chime in.) I've got a bunch of String related stuff (who hasn't?), some or all of which I'd like to do

RE: Possible addition to StringUtils

2001-12-10 Thread Scott Sanders
Or perhaps one would just use RegExp or Oro? :) Scott > -Original Message- > From: Scott Sanders [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 10, 2001 12:12 PM > To: 'Jakarta Commons Developers List' > Subject: RE: Possible addition to StringUtils >

RE: Possible addition to StringUtils

2001-12-10 Thread Scott Sanders
elopers List > Subject: Re: Possible addition to StringUtils > > > On 12/9/01 9:14 PM, "Chad Johnson" <[EMAIL PROTECTED]> wrote: > > > Hey, > > Just wondering if a method that escapes single and double > quotes, and > > other potential SQL query bre

Re: Possible addition to StringUtils, part II

2001-12-10 Thread Chad Johnson
, 2001 12:58 AM Subject: Re: Possible addition to StringUtils, part II > > How is this different from an uppercase method? > > There already is a capitaliseAllWords method if that was what you meant? > > Sorry to continue to only have a negative response. > > Bay >

Re: Possible addition to StringUtils, part II

2001-12-09 Thread bayard
How is this different from an uppercase method? There already is a capitaliseAllWords method if that was what you meant? Sorry to continue to only have a negative response. Bay On Mon, 10 Dec 2001, Chad Johnson wrote: > Hey, > In the past I've found that an upper-case words method is quite

Possible addition to StringUtils, part II

2001-12-09 Thread Chad Johnson
Hey, In the past I've found that an upper-case words method is quite usefull. A word would be defined as any letter preceeded by a space, horizontal tab, vertial tab, form-feed, new line, or carriage return. Any thoughts? -Chad Johnson -- To unsubscribe, e-mail:

Re: Possible addition to StringUtils

2001-12-09 Thread Chad Johnson
functionality of PreparedStatements. -Chad Johnson - Original Message - From: <[EMAIL PROTECTED]> To: "Jakarta Commons Developers List" <[EMAIL PROTECTED]> Sent: Sunday, December 09, 2001 11:02 PM Subject: Re: Possible addition to StringUtils > Reasons why not: &g

Re: Possible addition to StringUtils

2001-12-09 Thread bayard
Reasons why not: 1) Craig pointed out that using PreparedStatements all the time is a better programming style and will avoid lots of nasty problems. Equally though, what cases have you come across when PrepStats aren't really viable?? When creating dynamic SQL I have found them to be a little bi

Re: Possible addition to StringUtils

2001-12-09 Thread Jason van Zyl
pers List <[EMAIL PROTECTED]> >> To: Jakarta Commons Developers List <[EMAIL PROTECTED]> >> Subject: Re: Possible addition to StringUtils >> >> On 12/9/01 9:14 PM, "Chad Johnson" <[EMAIL PROTECTED]> wrote: >> >>> Hey, >>>

Re: Possible addition to StringUtils

2001-12-09 Thread Craig R. McClanahan
On Sun, 9 Dec 2001, Jason van Zyl wrote: > Date: Sun, 09 Dec 2001 22:09:05 -0500 > From: Jason van Zyl <[EMAIL PROTECTED]> > Reply-To: Jakarta Commons Developers List <[EMAIL PROTECTED]> > To: Jakarta Commons Developers List <[EMAIL PROTECTED]> > Subject: Re:

Re: Possible addition to StringUtils

2001-12-09 Thread Jason van Zyl
On 12/9/01 9:14 PM, "Chad Johnson" <[EMAIL PROTECTED]> wrote: > Hey, > Just wondering if a method that escapes single and double quotes, and > other potential SQL query breaking characters has been considered for > addition to the StringUtils class? Probably not. I'd say that's a little specific

Possible addition to StringUtils

2001-12-09 Thread Chad Johnson
Hey, Just wondering if a method that escapes single and double quotes, and other potential SQL query breaking characters has been considered for addition to the StringUtils class? I'd imagine this would be usefull when using a prepared statement for query construction with insecure data isn't a