Re: escaping of SQL strings

Richard O. Hammer Sun, 14 Dec 2003 17:54:40 -0800

Thank you, Serge. PreparedStatement.setString() does the escaping trick, all right. I've confirmed this with testing. The API documentation didn't give me a clue.

Rich

Serge Knystautas wrote:

Richard O. Hammer wrote:

I stumbled into this question when, using my James-offshoot server, I sent a test message with a possessive (single quote) in the subject: Subject: Friday's test and it failed with java.sql.SQLException: ERROR: parser: parse error at or near "s"

You shouldn't do escaping yourself in Java. Do PreparedStatement.setString(paramNum, stringValue)

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: escaping of SQL strings

Reply via email to