james-server-dev mailing list archives

From "Richard O. Hammer" <ROHam...@EarthLink.net>
Subject Re: escaping of SQL strings
Date Sun, 14 Dec 2003 23:52:57 GMT
Thank you, Serge.  PreparedStatement.setString() does the escaping 
trick, all right.  I've confirmed this with testing.  The API 
documentation didn't give me a clue.

Rich

Serge Knystautas wrote:
> Richard O. Hammer wrote:
> 
>> I stumbled into this question when, using my James-offshoot server, I 
>> sent a test message with a possessive (single quote) in the subject:
>> Subject: Friday's test
>> and it failed with
>> java.sql.SQLException: ERROR:  parser: parse error at or near "s"
> 
> 
> You shouldn't do escaping yourself in Java.  Do 
> PreparedStatement.setString(paramNum, stringValue)
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
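
Added example, not part of the original messages or of the James code base: the subject line from the thread inserted once by string concatenation and once through PreparedStatement.setString(), so both outcomes can be compared on a scratch database. The class name, the demo_message table, and the JDBC URL passed as the first argument (with a matching driver on the classpath) are assumptions for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class SubjectInsertDemo {
    // Broken form: the subject is pasted into the SQL text, so its quote ends the literal early.
    static void insertConcatenated(Connection c, String subject) throws SQLException {
        try (Statement st = c.createStatement()) {
            st.executeUpdate("INSERT INTO demo_message (subject) VALUES ('" + subject + "')");
        }
    }

    // Form recommended in the thread: the SQL text is fixed and the value is bound separately.
    static void insertBound(Connection c, String subject) throws SQLException {
        try (PreparedStatement ps = c.prepareStatement("INSERT INTO demo_message (subject) VALUES (?)")) {
            ps.setString(1, subject);
            ps.executeUpdate();
        }
    }

    // Reads back through a bound parameter as well, so the lookup cannot break on the quote.
    static int countSubject(Connection c, String subject) throws SQLException {
        try (PreparedStatement ps = c.prepareStatement("SELECT COUNT(*) FROM demo_message WHERE subject = ?")) {
            ps.setString(1, subject);
            try (ResultSet rs = ps.executeQuery()) {
                rs.next();
                return rs.getInt(1);
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        String subject = "Friday's test"; // the subject line quoted in the thread
        try (Connection c = DriverManager.getConnection(args[0])) { // assumption: JDBC URL of a scratch database
            try (Statement st = c.createStatement()) {
                st.executeUpdate("CREATE TABLE demo_message (subject VARCHAR(200))"); // hypothetical table
            }
            try {
                insertConcatenated(c, subject);
                System.out.println("concatenated insert unexpectedly succeeded");
            } catch (SQLException e) {
                System.out.println("concatenated insert rejected: " + e.getMessage());
            }
            insertBound(c, subject);
            System.out.println("rows stored via setString: " + countSubject(c, subject));
        }
    }
}
```

Binding the value keeps the statement text constant, so the same code path also handles subjects containing other SQL metacharacters without any manual escaping.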