Solved

Handling Double Quotes from Database

Posted on 2004-04-26
7
439 Views
Last Modified: 2010-08-05
There are 4 students including myself working for our college in the web department having trouble with the web pages we are working on.

The problem comes from whenever we pass double quotes to and retrieve them from the database. We are working with jsp pages and using stored procedures (that use sql) to access the database. We can't see the stored procedures, they are created by our supervisor, and he hasn't been able to help us work this out. Its getting quite messy and confusing and when one student can get it to work for some pages when another tries to apply it to the pages they are working on it doesn't work.

So far we've managed to pass double quotes to the database and get them back and print/view them. When we try to pass double quotes to an update page though they come out as question marks ? and then that gets passed to the database. Also when we type a double quote in an add form it will send double quotes to the database and we can retrieve it correctly but if we copy from a word document it gets sent as a question mark ?.

I'm not including the code because its happening in different ways between 3 different programs so I'm hoping that I can get a solution that we can apply to any page we use.

Our basic system tho is that we students create the web pages in .jsp, we sometimes use .js for functions and such. We call a java .class page when we need to access the database for adds, updates, deletes and just printing out a page dynamically from a database. We encode this in either a hypertext link or in form submit and we pass values such as ids to refine what we will get back from the database. Our java file is a huge if clause where we pass a mode (ie, mode is updateStaff, deleteHardware, addMember) and if mode = what we've sent it then we use a stored procedure (which we never see) to the database and if we get something back as an object we input it into a hashmap on our jsp pages. We don't use beans though I wonder if it might be useful to try to get into but we students don't know jsp when we start here and I, being second year, only covered basic beans that we made. I'm not sure where to find what information there is on pre-made beans and if they come with our software. For testing purposes we use Tomcat on our machines. We make pages using Dreamweaver and Textpad.

Can anyone offer any advice or point to any page that might have a solution that we will all be able to use and implement easily into future projects?

Thanks for any replies!
Linda
0
Comment
Question by:SweetChastity
7 Comments
 
LVL 35

Expert Comment

by:TimYates
Comment Utility
Sounds like an encoding problem...

A quick search of the web bring back this:

http://forums.devshed.com/archive/t-37396

Which sounds similar to your problem...

I think you will need to getBytes on the string before it goes to the database, and after it comes back, to make sure that what you are sending IS the double quote character

I hope you are using preparedstatements to put the data into the db

Are your machines all on the same locale (language)?

Tim
0
 
LVL 32

Expert Comment

by:ldbkutty
Comment Utility
Hai,

You can download any one of the application from

www.gotocode.com    and try to understand from the online demo of the programs. They have very good programs for SQL statements. They convert the 'double quotes' problem and many other problems similar to this by converting it to some other form and inserting/updating the values in the database.

I am currently using online portal application and i hope that this application will be more useful for u also.

Just try to understand the SQL functions in common.jsp (how the field entries are modified) ...in case u cannot get an idea of how it works or u cannot access, let me know....i will try to give my code.

Regards,
Jagdeesh.
0
 
LVL 35

Expert Comment

by:TimYates
Comment Utility
I just had a look at the gotocode site, and their handling of double quotes seems to be because they use java.sql.Statement, and not java.sql.PreparedStatement, so they have to catch doublequotes, otherwise they would be vunerable to SQL Injecttion attacks...
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 1

Accepted Solution

by:
KartikShah earned 500 total points
Comment Utility
Your problem is a very common problem :-), i.e. copy pasting the date from a word file. This happens because, word does not used the standard double quote (ASCII: 22) but it some other value. In addition the value for the opening double quote is different than the closing double quote is different :'(.

One solution to this problem is, when you are taking the input, search for the characters (you will need to search on the ASCII value) and when you come across a opening or closing double quote used in word, replace it with the normal double quote (ASCII: 22).

If you are extensively copy-pasting data from word, you migh need to take care of few other characters, like soft spaces i.e. the spaces used by word if "Justified alignment" is beinging used. There are other which I can't currently remember. So do take a look at those pitfalls also :-)

Hope this helps you in solving your problem. Best of luck.


0
 
LVL 4

Expert Comment

by:indigostark
Comment Utility
This is due to the fact that java uses UTF-8 to read characters,
Microsoft uses cp1205 language reference to denote "it's special characters"

The way I choose to over come this was to implement a javascript function which did a lookup on the all the MS special characters and convert them their native HTML characters (ie) ¡ etc

So you are then only storing plain text with it HTML special characters in your Database and your display problems should be fixed
0
 

Author Comment

by:SweetChastity
Comment Utility
Yeah, there doesn't seem to be any way around searching the entire thing word for word.  I'm not working on it but a fellow student is and what they had to use was hashcode.  They broke up the string into an array and then searched each word for special keys.  It seems like a lot of trouble but so long as it gets the job done.  Thanks for the replies!!
0
 

Author Comment

by:SweetChastity
Comment Utility
All the special characters we've tested work except for the % symbol.  It works in view and preview (to add to database) but when we call from the database to update its not showing up.  Is the % symbol more difficult to handle than the rest?  Is there a way to get it to work?
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now