--- Dwight Farris <[EMAIL PROTECTED]> wrote:

> Thanks for your response; I will look into the SQL
> code.
> 
> Dwight
> 
> -----Original Message-----
> From: gb1071nx
> [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, March 27, 2007 9:47 AM
> To: Tomcat Users List
> Subject: RE: TOMCAT 5.0.28 stability
> 
> This is certainly not a Tomcat stability problem;
> it's the application that has been coded poorly.
> 
> > syntax to use near 's Time Management workshop
> 
> You've got some SQL code somewhere that looks like
> this: 
> 
> String sql = "INSERT INTO table (foo) VALUES('" + fooVar + "')";
> 
> And you're inserting data (fooVar variable contains)
> 
> "Manager's Time Management workshop"
> 
> Which results in SQL that looks like: 
> 
> INSERT INTO table (foo) VALUES('Manager's Time Management workshop')
> 
> Notice how the single quote results in mal-formed
> SQL? 
> 

Dwight,

Take a look at JDBC's PreparedStatement and use
the setString() method to set the "Manager's Time
Management workshop" value.

This will also serve to avoid SQL injection.

-Bob
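
The concatenated insert quoted in this thread beside the PreparedStatement form suggested above, as an added example that is not code from either poster. The table name "workshop", the class and method names, and the H2 in-memory JDBC URL are assumptions made so the example runs offline; the thread shows only "table (foo)".

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class PreparedInsertDemo {
    // Hypothetical table name; the placeholder keeps the value out of the SQL text.
    static final String INSERT_SQL = "INSERT INTO workshop (foo) VALUES (?)";

    // The pattern from the thread: fooVar is spliced into the statement,
    // so a single quote in the data ends the string literal early.
    static void insertConcatenated(Connection c, String fooVar) throws SQLException {
        String sql = "INSERT INTO workshop (foo) VALUES('" + fooVar + "')";
        try (Statement st = c.createStatement()) {
            st.executeUpdate(sql);
        }
    }

    // The suggested fix: the driver sends fooVar as a bound parameter,
    // so quotes in the data are never parsed as SQL.
    static void insertPrepared(Connection c, String fooVar) throws SQLException {
        try (PreparedStatement ps = c.prepareStatement(INSERT_SQL)) {
            ps.setString(1, fooVar);
            ps.executeUpdate();
        }
    }

    public static void main(String[] args) throws SQLException {
        String title = "Manager's Time Management workshop"; // value from the thread
        // Assumption: the H2 driver is on the classpath; any JDBC URL works here.
        try (Connection c = DriverManager.getConnection("jdbc:h2:mem:demo")) {
            try (Statement st = c.createStatement()) {
                st.executeUpdate("CREATE TABLE workshop (foo VARCHAR(255))");
            }
            try {
                insertConcatenated(c, title);
            } catch (SQLException e) {
                System.out.println("concatenated insert failed: " + e.getMessage());
            }
            insertPrepared(c, title);
            try (Statement st = c.createStatement();
                 ResultSet rs = st.executeQuery("SELECT foo FROM workshop")) {
                while (rs.next()) System.out.println("stored: " + rs.getString(1));
            }
        }
    }
}
```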


 