Hi:
I am using postgres 8.2 with the 8.2.504 jdbc3 driver.
I am getting data from a untrusted source. Hence a
prepared
statement. I also need a partial match.
String query = " select * from table_foo where bar =
LIKE %?% "
PreparedStatement ps = con.prepareStatement(query);
ps.setString(1, "haha");
....
This craps out when run. Try adding single quotes
before and
after the: %?%
String query = " select * from table_foo where bar =
LIKE '%?%' "
PreparedStatement ps = con.prepareStatement(query);
ps.setString(1, "haha");
...
This craps out too.
A quick search of the archives doesn't shed light on
this issue. I
don't need a JDBC escape since I want to use a % char.
So how do I use LIKE within a prepared statement ? I'm
sure I'm
missing something obvious here....
Best regards,
--j
____________________________________________________________________________________
Don't pick lemons.
See all the new 2007 cars at Yahoo! Autos.
http://autos.yahoo.com/new_cars.html
