Postgres Pro
Downloads
Home   >   mailing lists

Re: Java Strings and quote marks - Mailing list pgsql-general

From Riyad Kalla
Subject Re: Java Strings and quote marks
Date
Msg-id bq2i70$29nt$1@news.hub.org
Whole thread Raw
List pgsql-general
Tree view 
I have no idea where the backslashes are comming from... very strange.
Are you building your string, then printing it out and it has
backslashes in it from nowhere?

Also, you should probably use a PreparedStatement for this, it will
handle everything for you:

String sqlQuery = "INSERT INTO mytable (fname, lname, age) VALUES (?, ?,
?)";
Connection c = //get connection
PreparedStatement ps = c.prepareStatement(sqlQuery);
ps.setString(1, /* get first name */);
ps.setString(2, /* get last name */);
ps.setString(3, /* get age */);
ps.executeUpdate();
ps.close();
c.close();

Best,
-Riyad

P.S.> Benefits of prepared statements are:
1) If you are doing this in a loop, they are a must.
2) If the driver/db support it, the statement is compiled and cached in
the DB so next time you execute the query, your new params are sent
across to DB and it just reexecutes the statement with new params and
doesn't need to recompile. Executing a statement requires it to be
compiled each time (I think).

Eamon Reyn wrote:

> Hi I am trying to do an insert query but for some reason although there
> appears to be no exception thrown my data does not get into the database.
>
> I will try to explain what I am doing
>
> In SQL you can do the following sort of statement
>
> INSERT INTO mytable (fname, lname, age) VALUES ('Joe', 'Bloggs', 20);
>
> I realise this is not a java newsgroup but please forgive my use of java
> specific syntax below.
>
> I am trying to replicate this in Java by doing this
>
>     String query = "INSERT INTO mytable (fname, lname, age) VALUES ";
>     query = query + " ('" + method call that returns a string + "', '"
>     query = query + method call that returns a string + "', "
>     query = query + method call that returns an int + ");"
>
>     executeUpdate(query);
>
> as far as I am concerned this should equate to the same thing as I wrote in
> the first instance, but when I inspect the contents of the literal query it
> appears as
>
> INSERT INTO mytable (fname, lname, age) VALUES (\'Joe\', \'Bloggs\', 20);
>
> ^^^^^^^^^^^^^^^
>
> Inserts backslashes
>
> Is this why my Update is not working and if so what do I need to do.
>
> Thanks in advance,
> Eamon.
>
>

pgsql-general by date:

Previous
From: Jeremiah Jahn
Date:
Subject: cross table indexes?
Next
From: Jeremiah Jahn
Date:
Subject: Re: Large objects [BLOB] again - general howto