escaping literal's in java string using regex

i have a string value that i have to insert in mysql database. and i have to escape some literal like (' , " ,% ,) in this string so how can i use regex for 开发者_JAVA技巧that

Don't use regex. Use a database library that escapes things for you, and let it handle this.

Don't try to do this yourself. Let the JDBC driver handle it, by using PreparedStatement instead of concatenating an SQL statement using strings yourself. Example:

Connection conn = ...;    // Database connection

PreparedStatement ps = conn.prepareStatement("INSERT INTO MYTABLE (NAME, AGE) VALUES (?, ?)");

ps.setString(1, "Jesper");
ps.setInt(2, 38);

ps.executeUpdate();

If you use PreparedStatement, the JDBC driver will take care of escaping the inserted values correctly for whatever brand and version of the database that you use.