How to read HashMark in parameters from URL

Question

I have written a Java Servlet which queries the database and returns the result to JSP. I am executing the SQL Statement based on the parameters passed from the URL

//Reading Parameter
String User = request.getParameter("userid");

//Executing the SQL
String sqluser = "SELECT 1  FROM <table name> WHERE username = ?

pstmt = con.prepareStatement(sqluser);
pstmt.setString(1, User);
rset = pstmt.executeQuery();

The sample URL: http:\testenv.com\test?userid=tana

The above URL displays correct result since user='tana'.

But there are some users that have "#" in their user name.

For e.g: http:\testenv.com\test?userid=la#na

The SQL Statement does not return any value because User= 'la' in above case even though the URL has "la#na". Can i get the value "la#na" using getParameter? If so what do i need to do?

Thanks.

Answer 1

The hash character needs to be properly encoded, since it is usually used as an internal link.

http://testenv.com/test?userid=la%23na

Answer 2

The '#' has a role in URLs, and it's not a regular char. It is called an anchor, and it marks a certain location within the requested page. The part after the anchor is only used by the browser, and therefore it is not part of the query string, and is not sent to the server. So your server gets the la, and the na stays at the browser.

If you have control over the URL that is sent, have it encoded. Otherwise, there's not much you can do.