Web tier: servlets, JSP, Web frameworks: Using Special Characters like '(Single Quotes) and & (Ampersand)

      I have got a Data capturing Screen in JSP which contains comments field. Sometimes the user enters special characters like '(Single Quotes) and &(Ampersand) in the comments field(eg. Here are some Program's to look, Bread& Butter).

    When i insert the values into oracle thru JSP, it is inserting only upto the Single Quotes leaving the values after that.

    Can anyone tell what should i do to insert the full value if the values contains characters like '(Single Quotes) or &(Ampersand).

    Thanks in Advance

    -Raj Jayaraman
  2. I believe that you may have to escape single quotes. Unless you are using a PreparedStatement, you may have to explicity check for single quotes to escape them. In SQL, you usually encapsulate text strings (and dates) in single quotes. For example:

    INSERT INTO my_table (

    VALUES (
        'Joseph Yi',
        'This isn''t fun'

    Sorry for my structuring, I do that so I can read it =p. Anyway, I don't know about 'standard' SQL, but having used Oracle, Sybase, and even MS Access as databases, I believe you merely have to escape your single quotes. The Statement object in Java has a void method called setEscapeProcessing(boolean enable) which is by default, true, so it was supposed to handle escaping special characters for you. However, this was not the case, and I had to manually check my strings for quotes and escape them =(. Anyway, if you need a method that performs escaping single quotes, I can provide one at your request.
  3. Hello Joseph,

    Can u help me by sending the method for escaping the single quote or converting the single quote into a double quote.

    thanks in advance.

    Prasath .
    prasathb at yahoo dot com or bp8475@sbc.com