Filtering Single Quotes from all JTextAnything

I am working on a large swing/jdbc application. The application has a very large number of JTextField and JTextArea components which participate in the process of inserting / updating the database. The RDBMS we are using is mysql andhas a lot of issues when you are trying to insert characters such as SINGLE QUOTE.

I need to filter out this characters.

One solutions would be to do it manually on every single statement, but this would take ages, since there are hunderds of statements.

The other solution would be to somehow block the SINGLE QUOTE character.

What I would like is to find a way to do one of the following:

a) Replace JTextField with a custom component that extends JTextField and implements a kind of filtering. Using the focusLost event is not a very nice approach, as I would prefer the removal of that character to be more direct.

b) Find a way to catch as a keyTyped Event the insertion of SINGLE QUOTE and negate it.

c) Find a way to force the JRE to ignore the SINGLE QUOTE character.

d) Any other smart solution that would save me the trouble of checking all statements one by one.
LVL 10
NelliosAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CEHJCommented:
Use a custom Document that disallows single quote
0
CEHJCommented:
This should do it

class NoQuoteDocument extends PlainDocument {
   
        public void insertString(int offs, String str, AttributeSet a) throws BadLocationException {
              String forbidden = "'";
                  StringBuilder sb = new StringBuilder(str.length());
                  for(int i = 0;i < str.length();i++) {
              char c = str.charAt(i);
              if (forbidden.indexOf(c) < 0) {
                    sb.append(c);
              }
            }
                if (sb.length() > 0) {
                      super.insertString(offs, str, a);
                }
        }
}
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NelliosAuthor Commented:
Your approach seems to work very well for me. There is only one minor issue about it.

The character is not returned by getText method, though still remains visible inside the component. That means that I will not get an SQLException, but the users of the application will start wondering where the hell did the SINGLE QUOTE character went.

Is there a way to also wipte the character visually?

Thanx in advance!
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

CEHJCommented:
>>though still remains visible inside the component.

That shouldn't be the case. Did you set the Document of the Component to be NoQuoteDocument properly?
0
objectsCommented:
mysql should handle single quotes fine, make sure you use a PreparedStatement to do insert/updates.
0
NelliosAuthor Commented:
CEHJ: I am currently on it!
objects: You are prolly right on this. Though we are not using PreparedStatement on every single statement and it will take ages to convert. Thanx for the tip though !!!
0
CEHJCommented:
You may be better to escape quotes on insert then those typing in the SQL won't get confused. As for PreparedStatement, if you're not using them in a parameterized way for repeat execution, you're not using them for the right reasons and you'll pay an increased SQL overhead for the privilege of not needing to do any escaping
0
NelliosAuthor Commented:
It seems that it goes somehow like this

public class QuoteFilteredTextField extends JTextField
 {
   public NoQuoteDocument quoteFilteredDocument = new NoQuoteDocument();

  /**
   * Constructs a new TextField.
   */
  public QuoteFilteredTextField (){
  super();
  super.setDocument(quoteFilteredDocument);
}
 /*same goes for all constuctors fo JTextField*/
/*the source of NoQuoteDocument is the one posted by CEHJ aobve*/
}

this way works perfectly for me and all issues are solved.
thank you CEHJ
0
objectsCommented:
> Though we are not using PreparedStatement on every single statement and it will take ages to convert.

will save u time in the long run, quotes aren't the only character you'll have problems with otherwise :)
0
CEHJCommented:
:-)
0
objectsCommented:
and what CEHJ has suggested will have your users banging the quote key trying to work out whats wrong, trust me :)
0
CEHJCommented:
>>and what CEHJ has suggested will have your users banging the quote key

I've already covered that in my comments
0
NelliosAuthor Commented:
I can live with the users banging the quote key.
All I want to avoid 2 issues:
a) Get rid of the quote character from the database (wether it works or not).
b) What is shown on the screen to be inserted in the database.

Working with prepared statements would be the case in future projects, but for the current one is definitly out of the question.
0
objectsCommented:
the amount of work to store quotes (and other characters the user may enter) is minimal :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.