List:General Discussion« Previous MessageNext Message »
From:Hassan Schroeder Date:December 21 2005 7:27pm
Subject:Re: Cleaning illegal characters from varchar field
View as plain text  
Nathan Gross wrote:

> Woa! Let me verify. If I pass a qry string:
>  "SELECT Anyfield from Anytable where Anyfield = 'The man was 100% correct' "
> to a Connector/J Statement (or PreparedStatement via parameters), the
> driver will automatically [behind the scenes] escape the percent sign?

Again, this is a function of *PreparedStatement*s. You'll also find
references to them as you research "SQL injection attack" :-)

HTH!
-- 
Hassan Schroeder ----------------------------- hassan@stripped
Webtuitive Design ===  (+1) 408-938-0567   === http://webtuitive.com

                          dream.  code.


Thread
Cleaning illegal characters from varchar fieldNathan Gross20 Dec
  • Re: Cleaning illegal characters from varchar fieldSGreen21 Dec
    • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec
      • Re: Cleaning illegal characters from varchar fieldSGreen21 Dec
        • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec
          • Re: Cleaning illegal characters from varchar fieldSGreen21 Dec
          • Re: Cleaning illegal characters from varchar fieldHassan Schroeder21 Dec
            • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec
              • Re: Cleaning illegal characters from varchar fieldHassan Schroeder21 Dec
                • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec
                  • Matching phone numbers to addressesRussell Horn21 Dec
                    • Re: Matching phone numbers to addressesPeter Brawley21 Dec
                  • Re: Cleaning illegal characters from varchar fieldHassan Schroeder21 Dec
                    • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec
                  • Re: Cleaning illegal characters from varchar fieldMark Matthews21 Dec
                    • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec
      • Re: Cleaning illegal characters from varchar fieldJamesDR21 Dec
        • Re: Cleaning illegal characters from varchar fieldNathan Gross21 Dec