Solved

Filtering Single Quotes from all JTextAnything

Posted on 2007-04-11
15
261 Views
Last Modified: 2008-02-01
I am working on a large swing/jdbc application. The application has a very large number of JTextField and JTextArea components which participate in the process of inserting / updating the database. The RDBMS we are using is mysql andhas a lot of issues when you are trying to insert characters such as SINGLE QUOTE.

I need to filter out this characters.

One solutions would be to do it manually on every single statement, but this would take ages, since there are hunderds of statements.

The other solution would be to somehow block the SINGLE QUOTE character.

What I would like is to find a way to do one of the following:

a) Replace JTextField with a custom component that extends JTextField and implements a kind of filtering. Using the focusLost event is not a very nice approach, as I would prefer the removal of that character to be more direct.

b) Find a way to catch as a keyTyped Event the insertion of SINGLE QUOTE and negate it.

c) Find a way to force the JRE to ignore the SINGLE QUOTE character.

d) Any other smart solution that would save me the trouble of checking all statements one by one.
0
Comment
Question by:Nellios
  • 7
  • 4
  • 4
15 Comments
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888258
Use a custom Document that disallows single quote
0
 
LVL 86

Accepted Solution

by:
CEHJ earned 500 total points
ID: 18888287
This should do it

class NoQuoteDocument extends PlainDocument {
   
        public void insertString(int offs, String str, AttributeSet a) throws BadLocationException {
              String forbidden = "'";
                  StringBuilder sb = new StringBuilder(str.length());
                  for(int i = 0;i < str.length();i++) {
              char c = str.charAt(i);
              if (forbidden.indexOf(c) < 0) {
                    sb.append(c);
              }
            }
                if (sb.length() > 0) {
                      super.insertString(offs, str, a);
                }
        }
}
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888413
Your approach seems to work very well for me. There is only one minor issue about it.

The character is not returned by getText method, though still remains visible inside the component. That means that I will not get an SQLException, but the users of the application will start wondering where the hell did the SINGLE QUOTE character went.

Is there a way to also wipte the character visually?

Thanx in advance!
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888426
>>though still remains visible inside the component.

That shouldn't be the case. Did you set the Document of the Component to be NoQuoteDocument properly?
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888434
0
 
LVL 92

Expert Comment

by:objects
ID: 18888450
mysql should handle single quotes fine, make sure you use a PreparedStatement to do insert/updates.
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888569
CEHJ: I am currently on it!
objects: You are prolly right on this. Though we are not using PreparedStatement on every single statement and it will take ages to convert. Thanx for the tip though !!!
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 86

Expert Comment

by:CEHJ
ID: 18888598
You may be better to escape quotes on insert then those typing in the SQL won't get confused. As for PreparedStatement, if you're not using them in a parameterized way for repeat execution, you're not using them for the right reasons and you'll pay an increased SQL overhead for the privilege of not needing to do any escaping
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888628
It seems that it goes somehow like this

public class QuoteFilteredTextField extends JTextField
 {
   public NoQuoteDocument quoteFilteredDocument = new NoQuoteDocument();

  /**
   * Constructs a new TextField.
   */
  public QuoteFilteredTextField (){
  super();
  super.setDocument(quoteFilteredDocument);
}
 /*same goes for all constuctors fo JTextField*/
/*the source of NoQuoteDocument is the one posted by CEHJ aobve*/
}

this way works perfectly for me and all issues are solved.
thank you CEHJ
0
 
LVL 92

Expert Comment

by:objects
ID: 18888660
> Though we are not using PreparedStatement on every single statement and it will take ages to convert.

will save u time in the long run, quotes aren't the only character you'll have problems with otherwise :)
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888666
:-)
0
 
LVL 92

Expert Comment

by:objects
ID: 18888689
and what CEHJ has suggested will have your users banging the quote key trying to work out whats wrong, trust me :)
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 18888700
>>and what CEHJ has suggested will have your users banging the quote key

I've already covered that in my comments
0
 
LVL 10

Author Comment

by:Nellios
ID: 18888845
I can live with the users banging the quote key.
All I want to avoid 2 issues:
a) Get rid of the quote character from the database (wether it works or not).
b) What is shown on the screen to be inserted in the database.

Working with prepared statements would be the case in future projects, but for the current one is definitly out of the question.
0
 
LVL 92

Expert Comment

by:objects
ID: 18888868
the amount of work to store quotes (and other characters the user may enter) is minimal :)
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
factorial example challenge 10 62
sumDigits  challenge 7 62
Java and GPO 11 47
Problem to start Neon 20 54
For customizing the look of your lightweight component and making it look opaque like it was made of plastic.  This tip assumes your component to be of rectangular shape and completely opaque.   (CODE)
Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Viewers learn about the scanner class in this video and are introduced to receiving user input for their programs. Additionally, objects, conditional statements, and loops are used to help reinforce the concepts. Introduce Scanner class: Importing…
Viewers will learn about the regular for loop in Java and how to use it. Definition: Break the for loop down into 3 parts: Syntax when using for loops: Example using a for loop:

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now