?
Solved

Filtering Single Quotes from all JTextAnything

Posted on 2007-04-11
15
Medium Priority
?
301 Views
Last Modified: 2008-02-01
I am working on a large swing/jdbc application. The application has a very large number of JTextField and JTextArea components which participate in the process of inserting / updating the database. The RDBMS we are using is mysql andhas a lot of issues when you are trying to insert characters such as SINGLE QUOTE.

I need to filter out this characters.

One solutions would be to do it manually on every single statement, but this would take ages, since there are hunderds of statements.

The other solution would be to somehow block the SINGLE QUOTE character.

What I would like is to find a way to do one of the following:

a) Replace JTextField with a custom component that extends JTextField and implements a kind of filtering. Using the focusLost event is not a very nice approach, as I would prefer the removal of that character to be more direct.

b) Find a way to catch as a keyTyped Event the insertion of SINGLE QUOTE and negate it.

c) Find a way to force the JRE to ignore the SINGLE QUOTE character.

d) Any other smart solution that would save me the trouble of checking all statements one by one.
0
Comment
Question by:Nellios
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 4
15 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888258
Use a custom Document that disallows single quote
0
 
LVL 86

Accepted Solution

by:
CEHJ earned 2000 total points
ID: 18888287
This should do it

class NoQuoteDocument extends PlainDocument {
   
        public void insertString(int offs, String str, AttributeSet a) throws BadLocationException {
              String forbidden = "'";
                  StringBuilder sb = new StringBuilder(str.length());
                  for(int i = 0;i < str.length();i++) {
              char c = str.charAt(i);
              if (forbidden.indexOf(c) < 0) {
                    sb.append(c);
              }
            }
                if (sb.length() > 0) {
                      super.insertString(offs, str, a);
                }
        }
}
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888413
Your approach seems to work very well for me. There is only one minor issue about it.

The character is not returned by getText method, though still remains visible inside the component. That means that I will not get an SQLException, but the users of the application will start wondering where the hell did the SINGLE QUOTE character went.

Is there a way to also wipte the character visually?

Thanx in advance!
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 86

Expert Comment

by:CEHJ
ID: 18888426
>>though still remains visible inside the component.

That shouldn't be the case. Did you set the Document of the Component to be NoQuoteDocument properly?
0
 
LVL 92

Expert Comment

by:objects
ID: 18888450
mysql should handle single quotes fine, make sure you use a PreparedStatement to do insert/updates.
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888569
CEHJ: I am currently on it!
objects: You are prolly right on this. Though we are not using PreparedStatement on every single statement and it will take ages to convert. Thanx for the tip though !!!
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888598
You may be better to escape quotes on insert then those typing in the SQL won't get confused. As for PreparedStatement, if you're not using them in a parameterized way for repeat execution, you're not using them for the right reasons and you'll pay an increased SQL overhead for the privilege of not needing to do any escaping
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888628
It seems that it goes somehow like this

public class QuoteFilteredTextField extends JTextField
 {
   public NoQuoteDocument quoteFilteredDocument = new NoQuoteDocument();

  /**
   * Constructs a new TextField.
   */
  public QuoteFilteredTextField (){
  super();
  super.setDocument(quoteFilteredDocument);
}
 /*same goes for all constuctors fo JTextField*/
/*the source of NoQuoteDocument is the one posted by CEHJ aobve*/
}

this way works perfectly for me and all issues are solved.
thank you CEHJ
0
 
LVL 92

Expert Comment

by:objects
ID: 18888660
> Though we are not using PreparedStatement on every single statement and it will take ages to convert.

will save u time in the long run, quotes aren't the only character you'll have problems with otherwise :)
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888666
:-)
0
 
LVL 92

Expert Comment

by:objects
ID: 18888689
and what CEHJ has suggested will have your users banging the quote key trying to work out whats wrong, trust me :)
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888700
>>and what CEHJ has suggested will have your users banging the quote key

I've already covered that in my comments
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888845
I can live with the users banging the quote key.
All I want to avoid 2 issues:
a) Get rid of the quote character from the database (wether it works or not).
b) What is shown on the screen to be inserted in the database.

Working with prepared statements would be the case in future projects, but for the current one is definitly out of the question.
0
 
LVL 92

Expert Comment

by:objects
ID: 18888868
the amount of work to store quotes (and other characters the user may enter) is minimal :)
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
Viewers will learn about the different types of variables in Java and how to declare them. Decide the type of variable desired: Put the keyword corresponding to the type of variable in front of the variable name: Use the equal sign to assign a v…
Suggested Courses
Course of the Month15 days, 10 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question