Handling Double Quotes from Database

Posted on 2004-04-26
Last Modified: 2010-08-05
There are 4 students including myself working for our college in the web department having trouble with the web pages we are working on.

The problem comes from whenever we pass double quotes to and retrieve them from the database. We are working with jsp pages and using stored procedures (that use sql) to access the database. We can't see the stored procedures, they are created by our supervisor, and he hasn't been able to help us work this out. Its getting quite messy and confusing and when one student can get it to work for some pages when another tries to apply it to the pages they are working on it doesn't work.

So far we've managed to pass double quotes to the database and get them back and print/view them. When we try to pass double quotes to an update page though they come out as question marks ? and then that gets passed to the database. Also when we type a double quote in an add form it will send double quotes to the database and we can retrieve it correctly but if we copy from a word document it gets sent as a question mark ?.

I'm not including the code because its happening in different ways between 3 different programs so I'm hoping that I can get a solution that we can apply to any page we use.

Our basic system tho is that we students create the web pages in .jsp, we sometimes use .js for functions and such. We call a java .class page when we need to access the database for adds, updates, deletes and just printing out a page dynamically from a database. We encode this in either a hypertext link or in form submit and we pass values such as ids to refine what we will get back from the database. Our java file is a huge if clause where we pass a mode (ie, mode is updateStaff, deleteHardware, addMember) and if mode = what we've sent it then we use a stored procedure (which we never see) to the database and if we get something back as an object we input it into a hashmap on our jsp pages. We don't use beans though I wonder if it might be useful to try to get into but we students don't know jsp when we start here and I, being second year, only covered basic beans that we made. I'm not sure where to find what information there is on pre-made beans and if they come with our software. For testing purposes we use Tomcat on our machines. We make pages using Dreamweaver and Textpad.

Can anyone offer any advice or point to any page that might have a solution that we will all be able to use and implement easily into future projects?

Thanks for any replies!
Question by:SweetChastity
LVL 35

Expert Comment

ID: 10917772
Sounds like an encoding problem...

A quick search of the web bring back this:

Which sounds similar to your problem...

I think you will need to getBytes on the string before it goes to the database, and after it comes back, to make sure that what you are sending IS the double quote character

I hope you are using preparedstatements to put the data into the db

Are your machines all on the same locale (language)?

LVL 32

Expert Comment

ID: 10917805

You can download any one of the application from    and try to understand from the online demo of the programs. They have very good programs for SQL statements. They convert the 'double quotes' problem and many other problems similar to this by converting it to some other form and inserting/updating the values in the database.

I am currently using online portal application and i hope that this application will be more useful for u also.

Just try to understand the SQL functions in common.jsp (how the field entries are modified) case u cannot get an idea of how it works or u cannot access, let me know....i will try to give my code.

LVL 35

Expert Comment

ID: 10917942
I just had a look at the gotocode site, and their handling of double quotes seems to be because they use java.sql.Statement, and not java.sql.PreparedStatement, so they have to catch doublequotes, otherwise they would be vunerable to SQL Injecttion attacks...
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.


Accepted Solution

KartikShah earned 500 total points
ID: 10918486
Your problem is a very common problem :-), i.e. copy pasting the date from a word file. This happens because, word does not used the standard double quote (ASCII: 22) but it some other value. In addition the value for the opening double quote is different than the closing double quote is different :'(.

One solution to this problem is, when you are taking the input, search for the characters (you will need to search on the ASCII value) and when you come across a opening or closing double quote used in word, replace it with the normal double quote (ASCII: 22).

If you are extensively copy-pasting data from word, you migh need to take care of few other characters, like soft spaces i.e. the spaces used by word if "Justified alignment" is beinging used. There are other which I can't currently remember. So do take a look at those pitfalls also :-)

Hope this helps you in solving your problem. Best of luck.


Expert Comment

ID: 10929113
This is due to the fact that java uses UTF-8 to read characters,
Microsoft uses cp1205 language reference to denote "it's special characters"

The way I choose to over come this was to implement a javascript function which did a lookup on the all the MS special characters and convert them their native HTML characters (ie) ¡ etc

So you are then only storing plain text with it HTML special characters in your Database and your display problems should be fixed

Author Comment

ID: 10948229
Yeah, there doesn't seem to be any way around searching the entire thing word for word.  I'm not working on it but a fellow student is and what they had to use was hashcode.  They broke up the string into an array and then searched each word for special keys.  It seems like a lot of trouble but so long as it gets the job done.  Thanks for the replies!!

Author Comment

ID: 10951942
All the special characters we've tested work except for the % symbol.  It works in view and preview (to add to database) but when we call from the database to update its not showing up.  Is the % symbol more difficult to handle than the rest?  Is there a way to get it to work?

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
console vs log file 16 83
iterator/ListIterator approach 17 39
login form jsp example 2 38
collection output issue 9 39
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question