escape special character in string

2752268, Jul 22 2016 (edited Jul 25 2016)

Hi gurus,

I'm new to ADF and Java. I'm making a simple news application with form input, read, and update news management. For the news input feature, I noticed that when the article uses special characters, like a single quote followed by a comma and closed by a single quote, it throws an SQL exception: expecting comma. I noticed that this error is caused by special character usage. How can I escape special characters in the string so I can insert the query into the database? And how can I re-escape the masked news content and show the news content as it was input before?

This is my code:

// Imports needed by the backing bean class that contains this method
import java.sql.Connection;
import java.sql.PreparedStatement;
import javax.faces.application.FacesMessage;
import javax.faces.context.FacesContext;
import javax.faces.event.ActionEvent;

public void postNews_ActionListener(ActionEvent actionEvent) {
    // db connection declaration
    DbConnection gc = new DbConnection();
    Connection con = null;
    PreparedStatement pr = null;

    // variable declaration (judul = title, konten = content, penulis = author)
    Object judul = inputJudul_property.getValue();
    Object konten = inputNewsContent_property.getValue();
    Boolean pinned = (Boolean) pinNews_checkbox.getValue();
    Object penulis = bindPenulisBerita.getValue();

    System.out.println(judul);
    System.out.println(konten);
    System.out.println(penulis);
    System.out.println(pinned);

    // pin checkbox checking (null-safe: an unset checkbox counts as not pinned)
    String pin = Boolean.TRUE.equals(pinned) ? "Y" : "N";

    // reject the post if either required field is missing
    if (judul == null || konten == null) {
        String messages = "make sure all fields is already filled!";
        FacesContext fc = FacesContext.getCurrentInstance();
        FacesMessage fm = new FacesMessage(FacesMessage.SEVERITY_WARN, messages, null);
        fc.addMessage(null, fm);
    } else {
        try {
            con = gc.getConnected();
            // The field values are concatenated straight into the SQL text, so a
            // single quote in the title or content ends the string literal early.
            // This is the statement that throws the exception described above.
            pr = con.prepareStatement("INSERT INTO BERITA (BERITA_ID, BERITA_JUDUL, POSTED_BY, POSTED_DATE, READ_STAT, BERITA_ISI, BERITA_ATTACHMENT, BERITA_ATTACHMENT_PATH, BERITA_PINNED) VALUES (NULL, '"+judul+"', '"+penulis+"' , SYSDATE , 0, '"+konten+"', NULL, NULL, '"+pin+"')");
            pr.executeUpdate();

            String messages = "Success!";
            FacesContext fc = FacesContext.getCurrentInstance();
            FacesMessage fm = new FacesMessage(FacesMessage.SEVERITY_INFO, messages, null);
            fc.addMessage(null, fm);
        } catch (Exception e) {
            String messages = "Failed!";
            FacesContext fc = FacesContext.getCurrentInstance();
            FacesMessage fm = new FacesMessage(FacesMessage.SEVERITY_ERROR, messages, null);
            fc.addMessage(null, fm);

            e.printStackTrace();
        } finally {
            // close statement and connection (the only place they are closed)
            try { if (pr != null) pr.close(); } catch (Exception e) { }
            try { if (con != null) con.close(); } catch (Exception e) { }
        }
    }
}

Thanks in advance,

gary
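
An added example, not part of the original post or of any reply: the same INSERT written with bind parameters, so quotes and commas in the title or content are passed as data and stored exactly as typed, which leaves nothing to un-escape when the row is read back. The class and method names are hypothetical, the sample strings are constructed, and the bound columns are assumed to be character types.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class NewsInsertExample {
    // Same statement as in the post, with every user-supplied value replaced by a bind placeholder.
    static final String INSERT_SQL =
        "INSERT INTO BERITA (BERITA_ID, BERITA_JUDUL, POSTED_BY, POSTED_DATE, READ_STAT, "
      + "BERITA_ISI, BERITA_ATTACHMENT, BERITA_ATTACHMENT_PATH, BERITA_PINNED) "
      + "VALUES (NULL, ?, ?, SYSDATE, 0, ?, NULL, NULL, ?)";

    // What the posted code sends: the values become part of the SQL text
    // (column list abbreviated here, the VALUES clause is built as in the post).
    static String concatenated(String judul, String penulis, String konten, String pin) {
        return "INSERT INTO BERITA (...) VALUES (NULL, '" + judul + "', '" + penulis
             + "' , SYSDATE , 0, '" + konten + "', NULL, NULL, '" + pin + "')";
    }

    // Values travel separately from the SQL text, so quotes and commas in them are just data.
    static int insertNews(Connection con, String judul, String penulis,
                          String konten, boolean pinned) throws SQLException {
        try (PreparedStatement ps = con.prepareStatement(INSERT_SQL)) {
            ps.setString(1, judul);
            ps.setString(2, penulis);
            ps.setString(3, konten);
            ps.setString(4, pinned ? "Y" : "N");
            return ps.executeUpdate();
        }
    }

    public static void main(String[] args) throws SQLException {
        // Constructed sample input containing the characters described in the post.
        String judul = "Today's news";
        String konten = "He said 'yes', 'no', and 'maybe'.";
        System.out.println("Concatenated:  " + concatenated(judul, "gary", konten, "N"));
        System.out.println("Parameterized: " + INSERT_SQL);
        // Optional: pass a JDBC URL, user and password for your own database to run
        // the insert; the JDBC driver jar must be on the classpath.
        if (args.length == 3) {
            try (Connection con = DriverManager.getConnection(args[0], args[1], args[2])) {
                System.out.println("Rows inserted: " + insertNews(con, judul, "gary", konten, false));
            }
        }
    }
}
```

Run without arguments, it prints both statement texts: in the concatenated one the quotes from the sample input split the string literals, while the parameterized text never changes with the input.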

This post has been answered by SanjeevChauhan on Jul 24 2016
Post Details
Locked on Aug 22 2016
Added on Jul 22 2016