[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

replace keywords in string

Posted on 2014-08-02
11
Medium Priority
?
243 Views
Last Modified: 2014-08-21
Hi,

There is url which is created through a procedure from the database.In the url there is a query string which is encrypted.

www.abc.com?id=xcvr!@&?12ERT+

now when i fetch it in java
String Id = request.getParameter("id");

Since the characters in the query string are encrypted and contain keywords of query string(?&)
Is there any way (like escapeHTML of apache utils)  in which i can store the codes instead of keywords in database.
0
Comment
Question by:Rocking
  • 5
  • 5
11 Comments
 
LVL 28

Accepted Solution

by:
dpearson earned 1500 total points
ID: 40236491
Check out URLEncoder (http://docs.oracle.com/javase/7/docs/api/java/net/URLEncoder.html):

String encodedUrl = URLEncoder.encode(url, "UTF-8");
String decodedUrl = URLDecoder.decode(url, "UTF-8");

It should give you what you need.

Doug
0
 

Author Comment

by:Rocking
ID: 40236973
what if we provide space it will convert it to "+" sign which again is a keyword,how to get rid in this case?

public static void main (String rags[]) throws UnsupportedEncodingException{
		String key = "$%#@qwer 1212+";
		System.out.println(DatatypeConverter.parseBase64Binary(key));
		String encodedKey = URLEncoder.encode(key,"UTF-8");
		System.out.println("encodedKey::"+encodedKey);
		System.out.println("URLEncoder"+URLDecoder.decode(encodedKey,"UTF-8"));
	}

Open in new window

0
 
LVL 86

Expert Comment

by:CEHJ
ID: 40237180
What do you mean by 'keywords'? Do you mean sql reserved words? If so, since you're storing the encrypted value in a text field, then there's no problem - text fields don't care about reserved words. What they do care about is things like quote characters, so make sure you use a PreparedStatement to do the insert/update, as it will take care of the necessary quoting for you.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Rocking
ID: 40239483
no the problem is not in insertion of keyword,the problem is when the url is created from the database procedure this parameter is appended as query string which treat " " as + sign.
http://localhost:8080/test.jsp?id=$%#@qwer 1212+

String id = request.getParameter("id");
It gives as $%#@qwer+1212+
insetad of

$%#@qwer 1212+
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 40239673
Sorry - you're not being clear on what is getting it wrong
0
 

Author Comment

by:Rocking
ID: 40245232
Ok let me put in short.
I am encrypting a id (long value).
Can there be a case when there is space comes during encrypting the above?
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 40245558
I don't think that's likely but it might not be impossible
0
 

Author Comment

by:Rocking
ID: 40250151
now if the space comes in the encrypted string and save in the database
String encodedUrl = URLEncoder.encode(url, "UTF-8");
AS per the api (The space character " " is converted into a plus sign "+".)

So i can't use this method?please suggest any other alternative
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 40250373
and save in the database
String encodedUrl = URLEncoder.encode(url, "UTF-8");
AS per the api (The space character " " is converted into a plus sign "+".)
But url encoding is only done to respect the operation of HTTP. It's not meant to be used for other things (like insertion into a db)
What you should be doing is getting the plain string and saving that in the db. A PreparedStatement will prevent any problem with insertion
0
 

Author Comment

by:Rocking
ID: 40261469
what about getting the bytes of the string and store in the database? I don't want to store the string as it is in the database for security purpose?

Any other alternative would be helpful
0
 
LVL 86

Expert Comment

by:CEHJ
ID: 40261683
I don't want to store the string as it is in the database for security purpose?
Sorry - this is not making much sense - you already said you DID want to save it.
Unless it's not clear to you, url encoding is not done for security purposes
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
This theoretical tutorial explains exceptions, reasons for exceptions, different categories of exception and exception hierarchy.
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question