I'm trying to execute a query containing an xpath.
The query looks like this:
select * FROM table t where t.column.existsNode('/RootElement[contains(SubElement, "someVal")]/SubElement')
In java replacing the "someVal" with a bind parameter "?" will not work:
PreparedStatement ps = c.prepareStatement("select * FROM table t where t.column.existsNode('/RootElement[contains(SubElement, ? )]/SubElement') = 1");
ps.setString(1,"someVal");
=EXCEPTION
On this forum I found that you can also use '||:namedParam||'
So the query in java would be executed like;
PreparedStatement ps = c.prepareStatement("select * FROM table t where t.column.existsNode('/RootElement[contains(SubElement, '||:1||' )]/SubElement') = 1");
ps.setString(1,"someVal");
This seems to work (I have no idea what the '|| ||' construct does, I don't seem to find any info about it)
HOWEVER, it seems that doing it this way the value being bound is NOT escaped.
So, doing this will yield in an orcale SQL/xpath exception:
ps.setString(1,"som'eVal");
I've went to all the oracle xml manual stuff I could find, but nowhere do they address this.
Any one an idea how I can bind the value and still have escaping ?
Edited by: user5893566 on Nov 27, 2008 12:06 AM
Edited by: user5893566 on Nov 27, 2008 12:15 AM