Postgres Pro
Downloads
Home   >   mailing lists

Re: JDBC driver and java strings - Mailing list pgsql-jdbc

From Chuck Davis
Subject Re: JDBC driver and java strings
Date
Msg-id 883e44790605161206i67fe08c5m163057a06087b11e@mail.gmail.com
Whole thread Raw
In response to Re: JDBC driver and java strings  ("Chuck Davis" <cjgunzel@gmail.com>)
List pgsql-jdbc
Tree view 
Kris:

I have to apologize.  That is not what I was doing in the class!  That
is my normal m.o. but I was doing it otherwise in this particular
class.  I will change to a PreparedStatement and assume that it is
going to fix my issue!

Thanks very much for the confirmation that this is supposed to work
and your prompt to reexamine the code.

Chuck

On 5/16/06, Chuck Davis <cjgunzel@gmail.com> wrote:
> Hi Kris:
>
> PreparesStatement.setString() is exactly what I am doing and any
> string with an apostrophe throws a syntax exception.  I'm very glad to
> hear this is supposed to work.
>
> Pseudo code for what I am doing
>
> on client
> String s = JTextfield.getText();
> DataObject.setString(s);
> send to server
> _________________________________
> on server
> PreparedStatement.setString(1, DataObject.getString());
> PreparedStatement.execute();
>
>
> I'm using postgres 8.1.3 with development driver for 8.2 since I was
> having problem with driver version 405.  Upgrade to JDBC driver did
> not help.
>
> Thanks for your response.
>
> Chuck
>
> On 5/16/06, Kris Jurka <books@ejurka.com> wrote:
> >
> >
> > On Tue, 16 May 2006, Chuck Davis wrote:
> >
> > > Does anybody know if there is a plan to make the driver handle java
> > > strings appropriately?  I have hit a showstopper.  If I enter data in
> > > a JTextfield with an apostrophe the driver chokes with a syntax error.
> > > I don't know how IBM does it but their JDBC driver handles
> > > apostrophes without a problem.  DB2 has been my main database but I'm
> > > evaluating Postgresql on Linux.  I can't ask my users to avoid
> > > entering data with an apostrophe and I'm too lazy to program around it
> > > since I know it can be done otherwise once and for all.
> >
> > If you use PreparedStatement.setString, any required quoting/escaping
> > should be done for you.  If you are building a SQL string yourself than
> > you are responsible for escaping it correctly.  You haven't said what
> > you're doing, but I find it hard to believe that it's postgresql's fault
> > or that DB2 has some magic to interpret bad data.  Perhaps you could be
> > more specific in what your code is doing?
> >
> > Kris Jurka
> >
>

pgsql-jdbc by date:

Previous
From: "A.M."
Date:
Subject: Re: COPY rehashed
Next
From: "Sriram Dandapani"
Date:
Subject: password authentication error