I am getting a syntax error when i try to do insert into the informix database through JDBC using a servlet in iPlanet environment. The actual problem is one of the
character fields value contains a single quote('), which
is causing the problem(syntax error). I am not sure of
How to get rid of this problem. Is it the problem with
the informix JDBC driver or is it to be handled at the
environment details as follows:
iPlanet 6.0 using servlets
Informix Dynamic server 7.3
JDBC type 4 driver from informix
Any clues , please..
Thanks in advance
use PreparedStatements as opposed to Statements
it's pretty easy to use, automatically escapes quotes, and offers performance benefits.
// some values to test... not dynamic =p
int id = 123;
String name = "Joseph";
String quote = "I'm ain't don't can't won't";
// SQL query to prepare...
String insert = "INSERT INTO myTable (id, name, quote) VALUES (?, ?, ?)";
// assumes connection object referenced by 'con'
// prepare a statement
PreparedStatement pstmt = con.prepareStatement(insert);
// clear parameters just in case...
// set parameters of the query.
// execute query
If you wish to stick with Statements, you'll have to check for quotes by escaping them with quotes.
So instead of: ain't
You would use: ain''t