monujatt • Aug 6, 2012

Escaping string value in Java

Hi techies,

Can anybody tell me how to escape strings in Java to avoid SQL injection?
For example, for the input string "abc" I want the output string \"abc\".
sookie • Aug 10, 2012
If I am not wrong, you are talking about the value of the String, and the value of the String is abc and not "abc". If you are using queries in your program, just try using single quotes instead of double quotes for escaping strings.
monujatt • Aug 10, 2012
I am already using single quotes for strings concatenated within the database query. I want an ESCAPED string for the database query, e.g.
"UPDATE tableName SET fieldName='abc' " + stringValue + "WHERE id=1"
I want this stringValue to be escaped.
Ignore any syntax errors in the update query .. 😀
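
Added example, not part of the thread: with JDBC the value is normally bound through a PreparedStatement instead of being escaped and concatenated, shown here on the UPDATE from the post above. The class and method names, the sample rows and the JDBC URL passed as the first argument are assumptions, and the sample inputs are constructed.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class SafeUpdate {
    // The value travels as a bound parameter, so quotes inside it are data, not SQL syntax.
    static int updateField(Connection con, int id, String stringValue) throws SQLException {
        String sql = "UPDATE tableName SET fieldName = ? WHERE id = ?";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, stringValue);
            ps.setInt(2, id);
            return ps.executeUpdate(); // number of rows changed
        }
    }

    static String readField(Connection con, int id) throws SQLException {
        try (PreparedStatement ps = con.prepareStatement("SELECT fieldName FROM tableName WHERE id = ?")) {
            ps.setInt(1, id);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: args[0] is a JDBC URL for a scratch database whose driver is on the classpath.
        try (Connection con = DriverManager.getConnection(args[0])) {
            try (Statement st = con.createStatement()) {
                st.executeUpdate("CREATE TABLE tableName (id INT PRIMARY KEY, fieldName VARCHAR(100))");
                st.executeUpdate("INSERT INTO tableName (id, fieldName) VALUES (1, 'old')");
                st.executeUpdate("INSERT INTO tableName (id, fieldName) VALUES (2, 'untouched')");
            }
            // Constructed sample inputs containing double and single quotes.
            String[] samples = { "\"abc\"", "abc' OR '1'='1" };
            for (String value : samples) {
                int rows = updateField(con, 1, value);
                boolean storedVerbatim = value.equals(readField(con, 1));
                boolean otherRowIntact = "untouched".equals(readField(con, 2));
                System.out.printf("rows=%d verbatim=%b otherRowIntact=%b value=%s%n",
                        rows, storedVerbatim, otherRowIntact, value);
            }
        }
    }
}
```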
