Peter Choe wrote:
> i am trying to add a record of a name. the name has an apostrophe
> (O'Neil).
>
> i am doing this through a servlet and wrote the code to use
> PreparedStatement.
>
> when i do:
>
> ...
> PrepareStatement pstmt = con.prepareStatement("INSERT INTO directory
> (name, phone) VALUES (?,?)");
> pstmt.setString(1, name);
> pstmt.setString(2, phone);
> pstmt.executeUpdate();
> ...
>
We do this all the time (pg 7.3, java 1.4) without any problems. The
only problem I see with this snippet is the lack of a terminating
semicolon on your insert statement (after (?,?)).
> i get the following error:
>
> java.sql.SQLException: ERROR: parser: parse error at or near "NEIL" at
> character 47
>
> at org.postgresql.core.QueryExecutor.execute(QueryExecutor.java:94)
> at org.postgresql.Connection.ExecSQL(Connection.java:398)
> at org.postgresql.jdbc2.Statement.execute(Statement.java:130)
> at org.postgresql.jdbc2.Statement.executeQuery(Statement.java:54)
>
> i thought that if i use the setString() method of the prepared
> statement, it would automatically escape the apostrophe.
>
> it only seems to be doing it on INSERT. with UPDATE it seems to behave
> as it should (escape the character).
>
> if i enter the record from psql, it works fine.
>
> i am using postgres 7.2 on a freebsd 4.3 platform and jdk1.3.1
>
> Peter Choe
>
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
>