Skip navigation links

MySQL Forums :: Connector/JDBC and Java :: Escaping String Method


Advanced Search

Escaping String Method
Posted by: th nb ()
Date: October 01, 2012 10:37AM

Is there a (static) method somewhere in connector-j that you can pass a string value so that is safely escaped (as in safe from SQL-injection concerns), e.g. for purposes of inclusion in an INSERT or UPDATE statement or as part of a WHERE clause?

public static String safeEscape(String value) { .... }

It would be very useful if there was; I'm guessing it might need to consider encoding issues, so it might need to take an encoding argument?


And yes I know all about PreparedStatements of course, so please don't respond with use PreparedStatements :)

Options: ReplyQuote


Subject Written By Posted
Escaping String Method th nb 10/01/2012 10:37AM
Re: Escaping String Method Todd Farmer 10/03/2012 02:36PM
Re: Escaping String Method th nb 10/03/2012 04:59PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.