basic string replacement

[developerinlondon]

ok i am trying to do a simple replacement in a multiline string but i cant seem to find an example anywhere. I tried mystring.replaceAll("'", "\'")
so that I get the ' replaced with \' (for escaping sql queries), but it doesnt seem to do much.

any ideas?

 

[developerinlondon]

i also tried using the
stmt.setEscapeProcessing(true);
function in Statement class which is 'suppose' to escape mysql queries in the proper way, but this too seems to not do anything...

 

[Diancecht]

Some tips:

- replaceAll method with String parameters is only avaliable in jre1.4 and beyond.

- tell us what happens is you execute it

- maybe a PreparedStatement could do the trick.

Cheers,

Dian

 

[developerinlondon]

thanks for the tips. I got it to replace strings using the 'replace' method instead. JDK shouldnt be a problem, I am using 1.5/1.4.

I tried with the PreparedStatement, but I am using the javax.sql.* library and the apache dbcp library for connection pooling, apache dbcp connections only returns a Statement object when called.

 

[developerinlondon]

ah it seems the 'replace' function doesnt work in jdk1.4... is this usual?

 

[developerinlondon]

the exact error message i get is :
myfile.java:84: replace(char,char) in java.lang.String cannot be applied to (java.lang.String,java.lang.String)

 

[developerinlondon]

ok it IS a JDK1.4 problem as it doesnt have a Charsequence replace method. correct way of calling would be to use single quotes (').

 

[sedj]

1) DBCP only uses your normal JDBC driver, and all JDBC compliant drivers/API implementations have the ability to create a PreparedStatement.
Instead of :

Statement s = conn.createStatement();

use :

PreparedStatement ps = conn.prepareStatement(yourSQL);

You really should get into the habit of using this instead of your Statement object because it allows the database to cache your SQL statements.

2) String.replace() takes two values that are of datatype 'char' - not String (they are not the same).

3) The syntax should be :

String s = s.replaceAll("'", "\\'");

--------------------------------------------------
Free Database Connection Pooling Software

http://www.primrose.org.uk

 

[sedj]

it IS a JDK1.4 problem

No ... its your problem because you have not read the API correctly !

--------------------------------------------------
Free Database Connection Pooling Software

http://www.primrose.org.uk

 

[developerinlondon]

well with JDK1.5 I can pass multicharacters to be searched and replaced as it has a overriden replace(charSequence,charSequence) method which JDK1.4 doesnt have. So yes I did need to change my code so that it works with JDK1.4

 

[developerinlondon]

I just tried using
PreparedStatement stmt = conn.prepareStatement(yourSQL);
and
stmt.setEscapeProcessing(true);

but I still need to seem to have to change and escape the queries before passing it to it stmt.

is there any functions that will take any strings and escape the relevant characters? (eg ', ", etc)

 

[sedj]

I really think you are missing the point here :

String sql = "INSERT INTO table1 VALUES(?,?)";
PreparedStatement stmt = conn.prepareStatement(sql);
stmt.setString(1, "some quote's quotes");
stmt.setString(2, "' ' ' ' ' ' ' '");
stmt.execute();

Read :

http://java.sun.com/j2se/1.4.2/docs/api/java/sql/PreparedStatement.html

--------------------------------------------------
Free Database Connection Pooling Software

http://www.primrose.org.uk

 

[developerinlondon]

ah yes i see what you mean! thanks!

 

[stefanwagner]

I would strictly recommend the prepared-statement-solution.

But the question is open: why didn't replace not work?
Here's the answer:
You have to use two backslashes, because backslash is a special character, used to mark another special character:

mystring.replaceAll ("-EOL-", "\n");
mystring.replaceAll ("-quote-", "\"");

If you mean backslash itself, you have to put two backslashes in the code:

mystring.replaceAll ("'", "\\'");

A second pitfall is the final kind of strings.
'replaceAll' will not change 'mystring' but return a new String. You have to write:

mystring = mystring.replaceAll ("'", "\\'");

seeking a job as java-programmer in Berlin:

http://home.arcor.de/hirnstrom/bewerbung