Java Database Connectivity (JDBC)

I am getting an ORA-00911 error thrown back in the form of a java.sql.SQLException. I was able to figure out which character in my query was causing the exception, but I'm not sure what to do about it.

I'm calling a method called recordIsPresent which will return true or false, depening on if it finds a matching record. Here is the code:

private static boolean recordIsPresent(PackageBean pb, Connection conn){
boolean isPresent = false;
PreparedStatement stmt = null;
ResultSet rs = null;
String SQL = "SELECT COUNT(*) FROM FEEDER_QUEUE WHERE FQ_ITEMTYPE = 'A10' " +
"AND FQ_ITEMNAME ='" + pb.getPackageName() + "'";

log.debug("Checking for record using SQL: " + SQL);

try {
stmt = conn.prepareStatement(SQL);
rs = stmt.executeQuery();
while(rs.next()){
int i = rs.getInt(1);
if(i > 0){
isPresent = true;
log.debug("A10 Record for package " + pb.getPackageName() + "already present, not resubmitting");
} else {
isPresent = false;
log.debug("No A10 Record found for package " + pb.getPackageName() +", submitting A10");
}
}
} catch (SQLException e) {
e.printStackTrace();
}

return isPresent;
}


The pb.getPackageName() returns a string that is sent with the query. Here's what the SQL looks like in my logs:

recordIsPresent Checking for record using SQL: SELECT COUNT(*) FROM FEEDER_QUEUE WHERE FQ_ITEMTYPE = 'A10' AND FQ_ITEMNAME ='*AllEscCharsChars"?<:>;'/\!()&$*'

If I run the SQL query in sqlplus the extra apostrophe in the string is causing the problen.

I'm using a PeparedStatement which I thought would escape the character for me, but it's not.

Does anyone have any advice on how to proceed? Is there some method I can call to escape the chars before sending the statement?

Thanks in advnace for any help!

-Andrew