Solved

jsp, oracle, single quotes

Posted on 2004-04-27
16
280 Views
Last Modified: 2008-02-01
Hello guys (gals),

       I am writing a jsp page with an oracle backend. It has a large text area where a description will be written and sometimes apostrophes will be used. As we all know, apostrophes or single quotes bust be escaped before they are inserted into the database. I need a javascript replace function to handle the single quote in my text area and I would like to have some clear, commented code, that is why my question will be worth 500 points!

Thanks!
0
Comment
Question by:astrohelp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
16 Comments
 
LVL 63

Expert Comment

by:Zvonko
ID: 10928959
Why do you not want to convert the apostrophes on server side? Tha wold be the recomandded place. You never know wether scripting is enabled or not on client side.

Also what would you like to have instead of apostrophes? And when do you want to convert them back to apostrophes for display?

0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929005
It is a controlled environment, so scripting will be enabled. I want to replace ' with /' or even ' with '' <--- one single quote replaced with two single quotes so that it can be inserted into my table without any problems.
0
 
LVL 33

Expert Comment

by:Big Monty
ID: 10929053
all you need to do is use double apostrophes when inserting into the database, and thats only if you're using a sql statement such as INSERT or UPDATE. If you are just opening up a new RS and doing the RS.AddNew method then you do not need to convert anything.

for javascript:
var txtDesc = txtDesc.replace("single-quote", "single-quote single-quote")

for vbscript:
txtDesc = Replace("single-quote", "single-quote single-quote")

I spelled out what quotes to use for readability. When you implement this you would need to use the actual ' on the leyboard. And ZVonko is right, server side would be the way to go.

B.D.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 33

Expert Comment

by:Big Monty
ID: 10929076
sorry, for vbscript, it should be:

txtDesc = Replace(txtDesc, "single-quote", "single-quote single-quote")
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929096
ok, how would i go about this on the server side?
0
 
LVL 33

Expert Comment

by:Big Monty
ID: 10929175
say the field name is txtDesc:

strTxtDesc = Request.Form("txtDesc")
strTxtDesc = Replace(strTextDesc, "'", "''")
double, single, double quotes<-------|    |----------->here double quote, two single quotes, and a double

then in your insert statement, add the value strTextDesc

B.D.
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929880
when i try this code i get an error "Method Replace blah blah blah not found in class" What version did they impliment this class?
0
 
LVL 33

Expert Comment

by:Big Monty
ID: 10929917
can you post the full error text please?
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929939
Method Replace(java.lang.String, java.lang.String, java.lang.String) not found in class _it._mis__it__update__call3.
      vtxtsolution = Replace(vtxtsolution, "'", "''");
                           
0
 
LVL 33

Expert Comment

by:Big Monty
ID: 10929967
use the following:

vtxtsolution = vtxtsolution.replace("'", "''")
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929993
hmmmm     new error

 Incompatible type for method. Can't convert java.lang.String to char.
      vtxtsolution = vtxtsolution.replace("'", "''");
0
 
LVL 33

Expert Comment

by:Big Monty
ID: 10930042
try declaring vtxtsolution as a string before you get the value of the description field. other than that im not sure
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10930056
i am already doing that...
0
 
LVL 33

Accepted Solution

by:
Big Monty earned 500 total points
ID: 10930111
check out this question:
http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_20839542.html

when i first read your question i thought it was in javascript, not jsp
0

Featured Post

MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article shows how to create and access 2-dimensional arrays in JavaScript.  It includes a tutorial in case you are just trying to "get your head wrapped around" the concept and we'll also look at some useful tips for more advanced programmers. …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question