I do something like this for a jdbc insert:
private int insertDetailStatement() {
/**
* Buid SQL Data Statement
*/
int fKeyDetail = checkDupDetail();
if (fKeyDetail > 0) {
return fKeyDetail;
};
/**
* Build the author_detail insert STATEMENT with data
*/
String sqlStatement = DETAILINSERTSQL
+ jTitle.getText().trim().replaceAll("'", "''") + "', '"
+ jSuffix.getText().trim().replaceAll("'", "''") + "', '"
+ jLastName.getText().trim().replaceAll("'", "''") + "', '"
+ jMiddleName.getText().trim().replaceAll("'", "''") + "', '"
+ jFirsfName.getText().trim().replaceAll("'", "''") + "', '"
+ jBirthDeath.getText() + "', '"
+ jdescription.getText().trim().replaceAll("'", "''") + "', '"
+ jLink.getText() + "')";
/**
* Insert the Author Data
*/
JPeopleQuotesAppDB.insertTableRow(sqlStatement);
return checkDupDetail();
"Raymond DeCampo" <rd******@spam.twcny.spam.rr.spam.com.spam> wrote in
message news:_3*******************@twister.nyroc.rr.com...
Joe Ray wrote: I am trying to come up with a regular expression that searches and
replaces all occurences of the string "'" and replaces it with "''" .
However if a backslash comes before the single quote I do NOT want it
too be replaced with two single quotes. Any clues?
Joe
Joe,
<mind-reading-mode>
If you are doing this for the purpose of creating an SQL string, you
will be better off in the long run to use a PreparedStatement. E.g.
Connection conn = getConnection();
PreparedStatement pStmt = conn.prepareStatement(
"SELECT id FROM My_Table WHERE name = ?");
pStmt.setString(1, "Joe's Pizza");
ResultSet rs = pStmt.execute();
Then it is the JDBC driver's problem to worry about escaping strings.
</mind-reading-mode>
HTH,
Ray
--
XML is the programmer's duct tape.