Solved

jsp, oracle, single quotes

Posted on 2004-04-27
16
271 Views
Last Modified: 2008-02-01
Hello guys (gals),

       I am writing a jsp page with an oracle backend. It has a large text area where a description will be written and sometimes apostrophes will be used. As we all know, apostrophes or single quotes bust be escaped before they are inserted into the database. I need a javascript replace function to handle the single quote in my text area and I would like to have some clear, commented code, that is why my question will be worth 500 points!

Thanks!
0
Comment
Question by:astrohelp
  • 7
  • 6
16 Comments
 
LVL 63

Expert Comment

by:Zvonko
ID: 10928959
Why do you not want to convert the apostrophes on server side? Tha wold be the recomandded place. You never know wether scripting is enabled or not on client side.

Also what would you like to have instead of apostrophes? And when do you want to convert them back to apostrophes for display?

0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929005
It is a controlled environment, so scripting will be enabled. I want to replace ' with /' or even ' with '' <--- one single quote replaced with two single quotes so that it can be inserted into my table without any problems.
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 10929053
all you need to do is use double apostrophes when inserting into the database, and thats only if you're using a sql statement such as INSERT or UPDATE. If you are just opening up a new RS and doing the RS.AddNew method then you do not need to convert anything.

for javascript:
var txtDesc = txtDesc.replace("single-quote", "single-quote single-quote")

for vbscript:
txtDesc = Replace("single-quote", "single-quote single-quote")

I spelled out what quotes to use for readability. When you implement this you would need to use the actual ' on the leyboard. And ZVonko is right, server side would be the way to go.

B.D.
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 10929076
sorry, for vbscript, it should be:

txtDesc = Replace(txtDesc, "single-quote", "single-quote single-quote")
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929096
ok, how would i go about this on the server side?
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 10929175
say the field name is txtDesc:

strTxtDesc = Request.Form("txtDesc")
strTxtDesc = Replace(strTextDesc, "'", "''")
double, single, double quotes<-------|    |----------->here double quote, two single quotes, and a double

then in your insert statement, add the value strTextDesc

B.D.
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929880
when i try this code i get an error "Method Replace blah blah blah not found in class" What version did they impliment this class?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 32

Expert Comment

by:Big Monty
ID: 10929917
can you post the full error text please?
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929939
Method Replace(java.lang.String, java.lang.String, java.lang.String) not found in class _it._mis__it__update__call3.
      vtxtsolution = Replace(vtxtsolution, "'", "''");
                           
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 10929967
use the following:

vtxtsolution = vtxtsolution.replace("'", "''")
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10929993
hmmmm     new error

 Incompatible type for method. Can't convert java.lang.String to char.
      vtxtsolution = vtxtsolution.replace("'", "''");
0
 
LVL 32

Expert Comment

by:Big Monty
ID: 10930042
try declaring vtxtsolution as a string before you get the value of the description field. other than that im not sure
0
 
LVL 2

Author Comment

by:astrohelp
ID: 10930056
i am already doing that...
0
 
LVL 32

Accepted Solution

by:
Big Monty earned 500 total points
ID: 10930111
check out this question:
http://www.experts-exchange.com/Web/Web_Languages/JSP/Q_20839542.html

when i first read your question i thought it was in javascript, not jsp
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
JS Plugin Chaining 2 32
Google Map JavaScript API 4 40
Auto refresh part of an MVC5 View 7 59
How to drill down using class name and find the text? 25 34
This article shows how to create and access 2-dimensional arrays in JavaScript.  It includes a tutorial in case you are just trying to "get your head wrapped around" the concept and we'll also look at some useful tips for more advanced programmers. …
JavaScript can be used in a browser to change parts of a webpage dynamically. It begins with the following pattern: If condition W is true, do thing X to target Y after event Z. Below are some tips and tricks to help you get started with JavaScript …
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now