Thread: single quotes again
Hello,
In looking around for a way to insert entries via html for via JDBC
containing single quotes I came upon this:
escapeQuotes
protected java.lang.String escapeQuotes(java.lang.String old)
Tokenizes the original string with \' and \" as delimiters, then
replaces them with \\\' and \\\", respectively. This is primarily useful
for escaping quotes that will be interpreted as part of a mySQL query.
Is there a method like this that is callable for Postgresql JDBC driver
too?
I also found this method
private String escape(String s) {
String retvalue = s;
if ( s.indexOf ("'") != -1 ) {
StringBuffer hold = new StringBuffer();
char c;
for ( int i = 0; i < s.length(); i++ ) {
if ( (c=s.charAt(i)) == '\'' )
hold.append ("''");
else
hold.append(c);
}
retvalue = hold.toString();
}
return retvalue;
}
Not being a java god - where do I insert this in my jsp code? Each form
has several fields where single quotes may be inserted.
TIA
Cheers
Tony Grant
--
I have localized the source of my problem. Macromedia Ultradev is JSP 1.0 The previous version of Tomcat I was running was also JSP 1.0. The escaping of single quotes in sql queries was handles automagically. Moving to Tomcat 3.2 and Tomcat 4.x I am now running a JSP 1.1 or 1.2 container. Now the escaping seems to be handled by a jakarta taglib. The other solution seems to be - manually modify the JSP source to put " around the insert statements. Cheers Tony Grant --
Hi Tony, I'm not sure if it's any help but I had the same kind of problem when writing the user signup code in PHP for the techdocs site. In PHP there's a set of functions called rawurlencode() and rawurldecode() which take an input string (i.e. D'Arcy Cain) then make it URL encodes i.e. D%28Arcy%20Cain (not sure about the value numbers there). I just rawurlencode() everything after receiving it, use the URL encoded version everywhere in the code for safety, then before displaying it run the output through rawurldecode(). This way I never have to worry about the user input, as the only characters that are ever there are alpha's and the % character. Not doing LIKE queries so it's all good. If Java has a method to URL encode stuff then it might be the way to go. It does mean you have to enlarge your column widths though. :-) Regards and best wishes, Justin Clift tony wrote: > > I have localized the source of my problem. > > Macromedia Ultradev is JSP 1.0 > The previous version of Tomcat I was running was also JSP 1.0. The > escaping of single quotes in sql queries was handles automagically. > > Moving to Tomcat 3.2 and Tomcat 4.x I am now running a JSP 1.1 or 1.2 > container. Now the escaping seems to be handled by a jakarta taglib. The > other solution seems to be - manually modify the JSP source to put " > around the insert statements. > > Cheers > > Tony Grant > > -- > > ---------------------------(end of broadcast)--------------------------- > TIP 3: if posting/reading through Usenet, please send an appropriate > subscribe-nomail command to majordomo@postgresql.org so that your > message can get through to the mailing list cleanly -- "My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi
Can some kind soul please walk me through installing jakarta taglibs in an application. I followed to the letter the instruction on the site and I can't get the URI right i.e. the JSP page cant find the dbtags taglib. TIA Tony GRant -- RedHat Linux on Sony Vaio C1XD/S http://www.animaproductions.com/linux2.html Macromedia UltraDev with PostgreSQL http://www.animaproductions.com/ultra.html
Hi Tony, If this response is too far off the track for the JDBC mailing list, I apologize in advance. I'm working on the same problem myself and I know how fustrating it can be when you feel that you are just a few short steps away from having a problem worked out but still can't find the one bit of info you need to get all theway to the finish. I think I have things most of the way figured out. I ran into this problem trying to get the dbForms package to work with tomcat inside of the netbeans ide. When I would try to compile my jsp page that included tags from this package I would get the error that it couldn't open taglibs as it couldn't find the tab libraries. Put the dbforms.tld in your WEB-INF folder. Put the dbforms_v1_07.jar in your WEB-INF/lib directory. This cleared up the problem for me. There is a word document on the dbforms.org web site that has more information on deploying a dbforms application. The information you need is in this document. You can actually cut and paste sections of this document with regard to the web.xml file which will get you going pretty quick. There are also some additional jars that you may need to put into your WEB_INB/libs directory that can be downloaded from the dbforms website. I'm still having trouble as when I start tomcat inside of the netbeans ide as it complains about my logj4 properties as weel as some other erros that I don't yet understand. If you have any clues on this I'd be greatful. Dennis tony wrote: >Can some kind soul please walk me through installing jakarta taglibs in >an application. > >I followed to the letter the instruction on the site and I can't get the >URI right i.e. the JSP page cant find the dbtags taglib. > >TIA > >Tony GRant > -- _________ |~~ @| | ==== | Dennis Roman Gesker ICQ: 194047 | ==== | mailto:dennis@gesker.com Fax: 413.740.4653 |_________| http://www.gesker.com
On Thu, 2002-04-11 at 16:24, Dennis R. Gesker wrote: > Put the dbforms.tld in your WEB-INF folder. Put the dbforms_v1_07.jar in > your WEB-INF/lib directory. This cleared up the problem for me. Problem: that is what I did (dbtags in my case) I have tried restarting tomcat restarting the machine restarting installing as per written instructions... I'll work on it some more. Cheer Tony Grant -- RedHat Linux on Sony Vaio C1XD/S http://www.animaproductions.com/linux2.html Macromedia UltraDev with PostgreSQL http://www.animaproductions.com/ultra.html
http://www.jspinsider.com/tutorials/jsp/taglibraries/wrox/4656_Content.html Has the answer for dbtags <%@ taglib uri="/dbtags.jar" prefix="sql" %> works. Now I need to find out how to use the tags inside of Ultradev code. <comment> this is symptomatic of jakarta documentation - the wrong directives are given in the "official" doc and some poor soul has written correct documentation which the user has to find alone elsewhere. I am not being critical in a negative manner when I say this. I put my keyboard where my mouth was once already and wrote some corrections and assembled the correct information in one place. I will do so again as soon as I get this sorted. I do find that it is not a very positive image to give to a great project though. Tomcat is way too hard to figure out from the included documentation. </comment> Cheers Tony Grant -- RedHat Linux on Sony Vaio C1XD/S http://www.animaproductions.com/linux2.html Macromedia UltraDev with PostgreSQL http://www.animaproductions.com/ultra.html