Solved

Handling Double Quotes from Database

Posted on 2004-04-26
7
441 Views
Last Modified: 2010-08-05
There are 4 students including myself working for our college in the web department having trouble with the web pages we are working on.

The problem comes from whenever we pass double quotes to and retrieve them from the database. We are working with jsp pages and using stored procedures (that use sql) to access the database. We can't see the stored procedures, they are created by our supervisor, and he hasn't been able to help us work this out. Its getting quite messy and confusing and when one student can get it to work for some pages when another tries to apply it to the pages they are working on it doesn't work.

So far we've managed to pass double quotes to the database and get them back and print/view them. When we try to pass double quotes to an update page though they come out as question marks ? and then that gets passed to the database. Also when we type a double quote in an add form it will send double quotes to the database and we can retrieve it correctly but if we copy from a word document it gets sent as a question mark ?.

I'm not including the code because its happening in different ways between 3 different programs so I'm hoping that I can get a solution that we can apply to any page we use.

Our basic system tho is that we students create the web pages in .jsp, we sometimes use .js for functions and such. We call a java .class page when we need to access the database for adds, updates, deletes and just printing out a page dynamically from a database. We encode this in either a hypertext link or in form submit and we pass values such as ids to refine what we will get back from the database. Our java file is a huge if clause where we pass a mode (ie, mode is updateStaff, deleteHardware, addMember) and if mode = what we've sent it then we use a stored procedure (which we never see) to the database and if we get something back as an object we input it into a hashmap on our jsp pages. We don't use beans though I wonder if it might be useful to try to get into but we students don't know jsp when we start here and I, being second year, only covered basic beans that we made. I'm not sure where to find what information there is on pre-made beans and if they come with our software. For testing purposes we use Tomcat on our machines. We make pages using Dreamweaver and Textpad.

Can anyone offer any advice or point to any page that might have a solution that we will all be able to use and implement easily into future projects?

Thanks for any replies!
Linda
0
Comment
Question by:SweetChastity
7 Comments
 
LVL 35

Expert Comment

by:TimYates
ID: 10917772
Sounds like an encoding problem...

A quick search of the web bring back this:

http://forums.devshed.com/archive/t-37396

Which sounds similar to your problem...

I think you will need to getBytes on the string before it goes to the database, and after it comes back, to make sure that what you are sending IS the double quote character

I hope you are using preparedstatements to put the data into the db

Are your machines all on the same locale (language)?

Tim
0
 
LVL 32

Expert Comment

by:ldbkutty
ID: 10917805
Hai,

You can download any one of the application from

www.gotocode.com    and try to understand from the online demo of the programs. They have very good programs for SQL statements. They convert the 'double quotes' problem and many other problems similar to this by converting it to some other form and inserting/updating the values in the database.

I am currently using online portal application and i hope that this application will be more useful for u also.

Just try to understand the SQL functions in common.jsp (how the field entries are modified) ...in case u cannot get an idea of how it works or u cannot access, let me know....i will try to give my code.

Regards,
Jagdeesh.
0
 
LVL 35

Expert Comment

by:TimYates
ID: 10917942
I just had a look at the gotocode site, and their handling of double quotes seems to be because they use java.sql.Statement, and not java.sql.PreparedStatement, so they have to catch doublequotes, otherwise they would be vunerable to SQL Injecttion attacks...
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 1

Accepted Solution

by:
KartikShah earned 500 total points
ID: 10918486
Your problem is a very common problem :-), i.e. copy pasting the date from a word file. This happens because, word does not used the standard double quote (ASCII: 22) but it some other value. In addition the value for the opening double quote is different than the closing double quote is different :'(.

One solution to this problem is, when you are taking the input, search for the characters (you will need to search on the ASCII value) and when you come across a opening or closing double quote used in word, replace it with the normal double quote (ASCII: 22).

If you are extensively copy-pasting data from word, you migh need to take care of few other characters, like soft spaces i.e. the spaces used by word if "Justified alignment" is beinging used. There are other which I can't currently remember. So do take a look at those pitfalls also :-)

Hope this helps you in solving your problem. Best of luck.


0
 
LVL 4

Expert Comment

by:indigostark
ID: 10929113
This is due to the fact that java uses UTF-8 to read characters,
Microsoft uses cp1205 language reference to denote "it's special characters"

The way I choose to over come this was to implement a javascript function which did a lookup on the all the MS special characters and convert them their native HTML characters (ie) ¡ etc

So you are then only storing plain text with it HTML special characters in your Database and your display problems should be fixed
0
 

Author Comment

by:SweetChastity
ID: 10948229
Yeah, there doesn't seem to be any way around searching the entire thing word for word.  I'm not working on it but a fellow student is and what they had to use was hashcode.  They broke up the string into an array and then searched each word for special keys.  It seems like a lot of trouble but so long as it gets the job done.  Thanks for the replies!!
0
 

Author Comment

by:SweetChastity
ID: 10951942
All the special characters we've tested work except for the % symbol.  It works in view and preview (to add to database) but when we call from the database to update its not showing up.  Is the % symbol more difficult to handle than the rest?  Is there a way to get it to work?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
getting Http 404 error in jsp forms 8 73
report generation frameworks 1 60
iterator example remove 8 74
memory representation of int[][][] a=new int[2][][]; 10 59
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
When we talk about DevOps toolchains, I sometimes wonder how many people really get what we’re talking about. I don’t know if it’s just semantics or tone or something else, but sometimes I think it just sounds like buzzword sausage. So it’s always …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now