Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to escape special characters used in SQL query?

Tags:

java

sql

escaping

Is there a Java library for escaping special characters from a string that is going to be inserted into an SQL query.

I keep writing code to escape various things, but I keep finding some new issue trips me up. So a library that takes care of all or most of the possibilities would be very handy.

EDIT: I am using MySQL (if that makes any difference).

like image 715
Ankur Avatar asked Jun 30 '11 05:06

Ankur

2 Answers

Well... jdbc. Pass the strings as parameters, and don't append them to the query string

like image 174
Maurice Perry Avatar answered Nov 01 '22 14:11

Maurice Perry

A little bit more research points me to this:

http://devwar.blogspot.com/2010/06/how-to-escape-special-characters-in.html

Which suggests to use apache.commons.lang.StringEscapeUtils, I will try this out

like image 38
Ankur Avatar answered Nov 01 '22 14:11

Ankur
Sign in to Comment

Related questions

HTTPClient PostMethod for byte[]
Axis Marshaller
In Java, there is some URL parser?
Overriding hashCode in Java for a specific case
http server in php
Java Glass pane
Java networking: evented Socket/InputStream
jmap/jhat vs jVisualVM
<h:inputText> enabled/disabled - change background color
Methods with variable argument list
JUnit testing of java Equal method
Bat file for jar
POST an array of custom objects to a Struts 2 action
javax.crypto working differently in different versions of Android OS?
One-Time-Password (OTP) C# to Java conversion of Code
Java authorization library like "CanCan" for Ruby on Rails
Trouble with GWT and Guava
How can I create a Wicket URL that hides its parameters?
Differences between regular expressions in Java and ECMA-262 (AS, JS)
How to use Auditing in JPA/Spring-Data JPA?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!