Advertisement

10.31.2007 at 03:56AM PDT, ID: 22929315
[x]
Attachment Details

SQL Insert check for single quote in sql statement

Asked by elschott in Java Editors & IDEs

Tags: sql, insert, single, quote

I am using a text area to collect some string data which will be updated to an external database what do I need to gaurd against a single quote being entered which will cause an error in sql syntax in my string. I am using the following to build my sql string

String sqlUpdate = "INSERT INTO message (messageID, sender, subject, body) VALUES ('"+ messageID + "', '" + sender + "', '" + subject + "', '" + body + "')";

thanks

JakeStart Free Trial
[+][-]10.31.2007 at 04:02AM PDT, ID: 20184097

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: Java Editors & IDEs
Tags: sql, insert, single, quote
Sign Up Now!
Solution Provided By: objects
Participating Experts: 3
Solution Grade: A
 
 
[+][-]11.01.2007 at 03:14AM PDT, ID: 20191650

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]11.01.2007 at 08:47PM PDT, ID: 20198312

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628