List: MySQL and Java
From: Ronald Klop (Mailing List)
Date: November 4 2011 12:22pm
Subject: escaping in a non-prepared query
Hello,

 In my application I have a query which is very hard to rewrite to a PreparedStatement for
legacy reasons. Is there some method so I can do the right escaping by hand?

 query = "SELECT * FROM foo WHERE bar = '" + MySQLUtils.escapeString("bla") + "'";

 Something like that.

 Thanks in advance,
 Ronald.
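
The kind of helper the message asks for, as an added example that is not part of the original message and not code from MySQL or Connector/J: a hypothetical `MySQLUtils.escapeString` that applies MySQL's documented string-literal escapes. It assumes the value is placed inside single quotes, that `sql_mode` does not include `NO_BACKSLASH_ESCAPES`, and that the connection character set is one such as latin1 or utf8, where the backslash byte cannot appear inside a multi-byte character.

```java
public final class MySQLUtils {
    private MySQLUtils() {}

    /**
     * Escapes a value for use inside a single-quoted MySQL string literal.
     * Hypothetical helper; the name comes from the question, the body is
     * an illustration. It does not protect identifiers, numbers that are
     * left unquoted, or LIKE wildcards (% and _).
     */
    public static String escapeString(String value) {
        if (value == null) {
            // Callers must emit the SQL keyword NULL themselves.
            throw new IllegalArgumentException("null cannot be escaped");
        }
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case 0x00: out.append("\\0");  break; // NUL byte
                case '\n': out.append("\\n");  break;
                case '\r': out.append("\\r");  break;
                case 0x1A: out.append("\\Z");  break; // Ctrl-Z
                case '\\': out.append("\\\\"); break; // before quotes matter
                case '\'': out.append("\\'");  break;
                case '"':  out.append("\\\""); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample values. The trailing backslash is the case
        // that breaks quote-only escaping: left alone, it would escape
        // the closing quote of the literal.
        String[] samples = { "bla", "O'Reilly", "C:\\temp\\", "two\nlines" };
        for (String s : samples) {
            String query = "SELECT * FROM foo WHERE bar = '"
                    + escapeString(s) + "'";
            System.out.println(query);
        }
    }
}
```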