CrazyEngineers
  • Escaping string value in Java

    monujatt

    Member

    Updated: Oct 22, 2024
    Views: 927
    Hi techies,

    Can anybody tell me how to escape strings in Java to avoid SQL injection?
    Like for input string: "abc" I want output string as \"abc\"
  • sookie

    Member Aug 10, 2012

    If I am not wrong, you are talking about the value of the String, and the value of the String is abc and not "abc". If you are using queries in your program, just try using single quotes instead of double quotes for escaping strings.
  • monujatt

    Member Aug 10, 2012

    I am already using single quotes for strings concatenated within the database query... I want an ESCAPED string for the database query, e.g.
    "UPDATE tableName SET fieldName='abc' " + stringValue + "WHERE id=1"
    I want this stringValue to be escaped.
    Ignore any syntax errors in the update query. 😀
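An added example, not part of the thread: the update from the question written with a JDBC `PreparedStatement`, so the value is bound as a parameter instead of being escaped and concatenated. `tableName` and `fieldName` come from the post; the class name, method names, sample input and the JDBC URL taken from the command line are assumptions.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class SafeUpdate {

    // Placeholders mark where values go; the SQL text itself never changes.
    private static final String UPDATE_SQL =
            "UPDATE tableName SET fieldName = ? WHERE id = ?";

    // The concatenated form, kept only to show why quoting by hand is fragile.
    static String concatenated(String stringValue, int id) {
        return "UPDATE tableName SET fieldName='" + stringValue + "' WHERE id=" + id;
    }

    // Binds the value as data; the driver handles quoting for the target database.
    static int updateField(Connection conn, String stringValue, int id) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(UPDATE_SQL)) {
            ps.setString(1, stringValue);
            ps.setInt(2, id);
            return ps.executeUpdate();
        }
    }

    public static void main(String[] args) throws SQLException {
        String input = "O'Brien \"abc\""; // constructed sample input with both quote types

        // The single quote inside the value ends the SQL literal early.
        System.out.println("Concatenated: " + concatenated(input, 1));

        if (args.length == 0) {
            System.out.println("Pass a JDBC URL as the first argument to run the update.");
            return;
        }
        // args[0] is an assumed JDBC URL; its driver must be on the classpath.
        try (Connection conn = DriverManager.getConnection(args[0])) {
            System.out.println("Rows updated: " + updateField(conn, input, 1));
        }
    }
}
```

With the parameterized form, the stored value is exactly the input string, quotes included, and no escaping routine is needed in application code.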