Escaping string value in Java

Hi techies,

Can anybody tell me how to escape strings in Java to avoid SQL injection?
Like for input string: "abc" I want output string as \"abc\"

Replies

  • sookie
    If I am not wrong, you are talking about the value of String, and the value of String is abc and not "abc". If you are using queries in your program, just try using single quotes instead of double quotes for escaping strings.
  • monujatt
    I am already using single quotes for strings concatenated within the database query... I want an ESCAPED string for the database query, e.g.
    "UPDATE tableName SET fieldName='abc' " + stringValue + "WHERE id=1"
    I want this stringValue to be escaped.
    Ignore any syntax error in the update query .. 😀
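
For the UPDATE in the last reply, JDBC's `PreparedStatement` binds `stringValue` as a parameter, so no manual escaping is needed and quotes in the value are stored literally. This is an added example, not code from the thread; the class name `SafeUpdate`, the table layout, the sample value and the default H2 in-memory URL (which needs the H2 driver on the classpath) are assumptions.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class SafeUpdate {

    // The value travels as a bound parameter, never as part of the SQL text,
    // so quotes inside it cannot terminate the string literal.
    static int updateField(Connection conn, String stringValue, int id) throws SQLException {
        String sql = "UPDATE tableName SET fieldName = ? WHERE id = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, stringValue);
            ps.setInt(2, id);
            return ps.executeUpdate();
        }
    }

    // Reads the stored value back, again with a bound parameter.
    static String readField(Connection conn, int id) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(
                "SELECT fieldName FROM tableName WHERE id = ?")) {
            ps.setInt(1, id);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: H2 in-memory database unless a JDBC URL is passed as args[0].
        String url = args.length > 0 ? args[0] : "jdbc:h2:mem:demo";
        try (Connection conn = DriverManager.getConnection(url);
             Statement st = conn.createStatement()) {
            // Hypothetical table layout matching the names used in the thread.
            st.execute("CREATE TABLE tableName (id INT PRIMARY KEY, fieldName VARCHAR(100))");
            st.execute("INSERT INTO tableName (id, fieldName) VALUES (1, 'old')");

            // Constructed sample value containing both kinds of quote.
            String stringValue = "\"abc\" O'Brien";
            int rows = updateField(conn, stringValue, 1);

            System.out.println("rows updated: " + rows);
            System.out.println("stored value: " + readField(conn, 1));
        }
    }
}
```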
