开发者

Escaping comma in java

I have a string which is fed into the query as IN clause,which looks 开发者_StackOverflow中文版like this ('ACT','INACT') which is one of the parameters to a function inside a package.when a call is made to the function from java, it looks like this

call package.function(1,2,3,('ACT','INACT'),4,5).

When the package is called,i get error as wrong type of arguments.

It is taking the values inside brackets as different values delimited by strings


You should use a CallableStatement, so that you don't have to worry about escaping your inputs. It would look like this:

CallableStatement proc = conn.prepareCall("{call package.function(?,?,?,?,?,?) }");
proc.setInt(1,1);
proc.setInt(2,2);
proc.setInt(3,3);
proc.setString(4,"('ACT','INACT')");
proc.setInt(5,4);
proc.setInt(6,5);
proc.execute();


If you want to escape Strings to put them in SQL queries I urge you to have a look to Commons Lang and more specifically to StringEscapeUtils which includes a static method just to escape Strings for SQL.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜