characters that crash mysql queries

[mslane]

Hello,

I'm doing some web programming, and have run into a few issues using mysql queries. There are a number of characters (ie #%&";&quot that stall my queries. I'm programming in java, and I run the executeQuery command on user entered text. How can I prepare the statement to go to the database so that the query won't crash, and then how can I get the info back out.

Thanks,
Matt

 

[JamesHud]

Are these characters in your table or in your query?

 

[mslane]

The characters are in the query from user entered values.
For example
I would ask the question:
What is today's date?
They respond:
Today's date is December 17, 2001.

If I tried to put the user entered String into the database with this statement
String newDate = request.getParameter(enteredDate);
update examples set date = \""+ newDate +"\"";

my query would stall at the apostraphy in "Today's". Or it would stall with the comma that is in the date itself. What I've done is write a method that puts a slash in front of each of these characters. I'm just wondering if there is an easier way than running all of my query variables through this method.