MySQL Lists: win32: Re: Ignoring or filtering ' char

List:	MySQL on Win32	« Previous Message Next Message »
From:	Tiago Serafim	Date:	July 30 2004 5:06am
Subject:	Re: Ignoring or filtering ' char
View as plain text

Hi,

Here is a tip for you, try to make all your inserts statements
declaring all the fields, like this:
insert into tablename (field1, field2) values (value1, value2)

This will avoid lots of troubles when your table structure changes...

In Java, you should avoid to create raw querys, insted use a
PreparedStatement, a PreparedStatement use yours mysql connector
implemetation to put data in right format....

Here is a example how your code might look:

String sql = "INSERT userinfo (yourFieldNameHere) VALUES (?)";

PreparedStatement ps = conn.prepareStatement(sql); 

ps.setString(1, emailSubject);

ps.execute();


Look the javadoc for all methods:
http://java.sun.com/j2se/1.4.2/docs/api/java/sql/PreparedStatement.html

Hope it helps you....

ps:sorry my bad english

Regards,

On Thu, 29 Jul 2004 19:47:10 -0700 (PDT), Cadbury
<codename13th@stripped> wrote:
> hi
> 
> i'm using Java to write a program that access mysql
> database. here's a part of the java program source
> code:
> 
> ---------------------------------------------------------
> query = "insert into userinfo values ('" +
> emailSubject + "');";
> executeUpdate(query);
> ---------------------------------------------------------
> 
> basically what the program does is it will insert an
> incoming email's subject into a mysql table.
> 
> the problem occurs when the subject has the character
> ' in it. For example if the subject is something like
> :"You've got a mail",mysql will give an exception
> which looks something like this:
> 
> ------------------------------------------------------
> java.sql.SQLException: Syntax error or access
> violation,  message from server: "
> You have an error in your SQL syntax.  Check the
> manual that corresponds to your MySQL server version
> for the right syntax to use near 've got
> 
> ','Fri Jul 30 10:11:04 GMT+08:00 2004')' at line 1"
> ------------------------------------------------------
> from what I can see MySql treats the ' char as part of
> mysql syntax. how can i overcome this problem? any
> help are greatly appreciated.
> 
> Thanx.
> 
> __________________________________
> Do you Yahoo!?
> New and Improved Yahoo! Mail - 100MB free storage!
> http://promotions.yahoo.com/new_mail
> 
> --
> MySQL Windows Mailing List
> For list archives: http://lists.mysql.com/win32
> To unsubscribe:    http://lists.mysql.com/win32?unsub=1
> 
> 


-- 
Tiago Serafim
tserafim@stripped

Thread
• Using a Blob with the ByteFX data provider	Nick Randell	16 Jul
• RE: Using a Blob with the ByteFX data provider	Reggie Burnett	19 Jul
• RE: Using a Blob with the ByteFX data provider	Nick Randell	20 Jul
• Suggested settings for dual processor machine?	East Bay Technologies	20 Jul
• RE: Using a Blob with the ByteFX data provider	Reggie Burnett	20 Jul
• Should I use myISAM or InnoDB??	East Bay Technologies	21 Jul
• Should I use myISAM or InnoDB??	East Bay Technologies	23 Jul
• Suggested settings for dual processor machine?	East Bay Technologies	23 Jul
• RE: Should I use myISAM or InnoDB??	PF: MySQL	23 Jul
• Question about Insert Statement	Danny Willis	23 Jul
• Re: Question about Insert Statement	Tata Respecia	24 Jul
• Ignoring or filtering ' char	Cadbury	30 Jul
• Strange site error.	Danny Willis	30 Jul
• Re: Ignoring or filtering ' char	Tiago Serafim	30 Jul
• Re: Ignoring or filtering ' char	Cadbury	4 Aug
• Re: Ignoring or filtering ' char	Tiago Serafim	4 Aug
• Re: Ignoring or filtering ' char	Cadbury	5 Aug
• Re: Ignoring or filtering ' char	Petr Vileta	30 Jul
• Re: Ignoring or filtering ' char	Tiago Serafim	30 Jul
• Re: Question about Insert Statement	Randy Clamons	24 Jul