Better. Prepared statements take care of some escaping which is not done in my solution.
Martin > -----Original Message----- > From: Dima Gutzeit [mailto:[EMAIL PROTECTED] > Sent: donderdag 9 oktober 2003 11:39 > To: Tag Libraries Users List > Subject: Re: Putting value ot a variable > > > or ... > > <sql:query var="getLeaveRecord"> > select * from emp_leaves where leave_id=? > <sql:param value="${param.name}"/> > </sql:query> > > > ----- Original Message ----- > From: "Martin van Dijken" <[EMAIL PROTECTED]> > To: "Tag Libraries Users List" <[EMAIL PROTECTED]> > Sent: Thursday, October 09, 2003 11:38 AM > Subject: RE: Putting value ot a variable > > > Hey Rajendra, > > Try: > > <sql:query var="getLeaveRecord"> > select * from emp_leaves where leave_id=<c:out > value='${param["name"]}'/> > </sql:query> > > Martin > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > > Sent: donderdag 9 oktober 2003 11:36 > > To: Tag Libraries Users List > > Subject: Re: Putting value ot a variable > > > > > > > > Thanks Dima. > > I am stuck with another problem now. > > > > I have a variable in Java which i get from request. > > String s1 = request.getParamter("name"); > > > > I want to pass s1 into a SQL query which is like this: > > > > > > How do i put s1 into the tags? > > > > > > thanks > > -raj > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
