Обсуждение: Re: JDBC driver and java strings

Поиск
Список
Период
Сортировка

Re: JDBC driver and java strings

От
"Chuck Davis"
Дата:
Does anybody know if there is a plan to make the driver handle java
strings appropriately?  I have hit a showstopper.  If I enter data in
a JTextfield with an apostrophe the driver chokes with a syntax error.
 I don't know how IBM does it but their JDBC driver handles
apostrophes without a problem.  DB2 has been my main database but I'm
evaluating Postgresql on Linux.  I can't ask my users to avoid
entering data with an apostrophe and I'm too lazy to program around it
since I know it can be done otherwise once and for all.

I looked in the archives for this year but I didn't see any mention of
the problem.

Chuck Davis

Re: JDBC driver and java strings

От
Kris Jurka
Дата:

On Tue, 16 May 2006, Chuck Davis wrote:

> Does anybody know if there is a plan to make the driver handle java
> strings appropriately?  I have hit a showstopper.  If I enter data in
> a JTextfield with an apostrophe the driver chokes with a syntax error.
> I don't know how IBM does it but their JDBC driver handles
> apostrophes without a problem.  DB2 has been my main database but I'm
> evaluating Postgresql on Linux.  I can't ask my users to avoid
> entering data with an apostrophe and I'm too lazy to program around it
> since I know it can be done otherwise once and for all.

If you use PreparedStatement.setString, any required quoting/escaping
should be done for you.  If you are building a SQL string yourself than
you are responsible for escaping it correctly.  You haven't said what
you're doing, but I find it hard to believe that it's postgresql's fault
or that DB2 has some magic to interpret bad data.  Perhaps you could be
more specific in what your code is doing?

Kris Jurka

Re: JDBC driver and java strings

От
"Chuck Davis"
Дата:
Hi Kris:

PreparesStatement.setString() is exactly what I am doing and any
string with an apostrophe throws a syntax exception.  I'm very glad to
hear this is supposed to work.

Pseudo code for what I am doing

on client
String s = JTextfield.getText();
DataObject.setString(s);
send to server
_________________________________
on server
PreparedStatement.setString(1, DataObject.getString());
PreparedStatement.execute();


I'm using postgres 8.1.3 with development driver for 8.2 since I was
having problem with driver version 405.  Upgrade to JDBC driver did
not help.

Thanks for your response.

Chuck

On 5/16/06, Kris Jurka <books@ejurka.com> wrote:
>
>
> On Tue, 16 May 2006, Chuck Davis wrote:
>
> > Does anybody know if there is a plan to make the driver handle java
> > strings appropriately?  I have hit a showstopper.  If I enter data in
> > a JTextfield with an apostrophe the driver chokes with a syntax error.
> > I don't know how IBM does it but their JDBC driver handles
> > apostrophes without a problem.  DB2 has been my main database but I'm
> > evaluating Postgresql on Linux.  I can't ask my users to avoid
> > entering data with an apostrophe and I'm too lazy to program around it
> > since I know it can be done otherwise once and for all.
>
> If you use PreparedStatement.setString, any required quoting/escaping
> should be done for you.  If you are building a SQL string yourself than
> you are responsible for escaping it correctly.  You haven't said what
> you're doing, but I find it hard to believe that it's postgresql's fault
> or that DB2 has some magic to interpret bad data.  Perhaps you could be
> more specific in what your code is doing?
>
> Kris Jurka
>

Re: JDBC driver and java strings

От
"Chuck Davis"
Дата:
Kris:

I have to apologize.  That is not what I was doing in the class!  That
is my normal m.o. but I was doing it otherwise in this particular
class.  I will change to a PreparedStatement and assume that it is
going to fix my issue!

Thanks very much for the confirmation that this is supposed to work
and your prompt to reexamine the code.

Chuck

On 5/16/06, Chuck Davis <cjgunzel@gmail.com> wrote:
> Hi Kris:
>
> PreparesStatement.setString() is exactly what I am doing and any
> string with an apostrophe throws a syntax exception.  I'm very glad to
> hear this is supposed to work.
>
> Pseudo code for what I am doing
>
> on client
> String s = JTextfield.getText();
> DataObject.setString(s);
> send to server
> _________________________________
> on server
> PreparedStatement.setString(1, DataObject.getString());
> PreparedStatement.execute();
>
>
> I'm using postgres 8.1.3 with development driver for 8.2 since I was
> having problem with driver version 405.  Upgrade to JDBC driver did
> not help.
>
> Thanks for your response.
>
> Chuck
>
> On 5/16/06, Kris Jurka <books@ejurka.com> wrote:
> >
> >
> > On Tue, 16 May 2006, Chuck Davis wrote:
> >
> > > Does anybody know if there is a plan to make the driver handle java
> > > strings appropriately?  I have hit a showstopper.  If I enter data in
> > > a JTextfield with an apostrophe the driver chokes with a syntax error.
> > > I don't know how IBM does it but their JDBC driver handles
> > > apostrophes without a problem.  DB2 has been my main database but I'm
> > > evaluating Postgresql on Linux.  I can't ask my users to avoid
> > > entering data with an apostrophe and I'm too lazy to program around it
> > > since I know it can be done otherwise once and for all.
> >
> > If you use PreparedStatement.setString, any required quoting/escaping
> > should be done for you.  If you are building a SQL string yourself than
> > you are responsible for escaping it correctly.  You haven't said what
> > you're doing, but I find it hard to believe that it's postgresql's fault
> > or that DB2 has some magic to interpret bad data.  Perhaps you could be
> > more specific in what your code is doing?
> >
> > Kris Jurka
> >
>