Miranda Alfredo

Reputation: 21

Remove specific characters from a String in Java

I have the following query:

select *from activo where id_oficina in(22,23) and id categoría = 'in(1,2)'

How can I remove the "=" character and the single quotes?

I'm working with Kendo UI and I did not know what can be removed manually.

Upvotes: 1

Views: 140

Answers (2)

Bifz

Reputation: 403

The replaceAll suggested by @Andy Turner works:

String string = "select *from activo where id_oficina in(22,23) and id categoría = 'in(1,2)'";
string = string.replaceAll("[=']", "");
System.out.println(string);

Upvotes: 0

Scott Sosna

Reputation: 1413

Know nothing of Kendo, but it appears that you're trying to enter 'in(1,2)' in a field and then have that substituted into the query statement, instead of just entering a single value.

First off, should be using JDBC bind variables, somehow; any SQL statement created by doing string concatenation is ripe with security holes. https://www.owasp.org/index.php/Top_10_2013-A1-Injection

Second, you can't bind values for an IN the same way as a single value. Now, you could always have an IN clause and sometimes you'll bind just a single value. This has been addressed before: How do I bind an ArrayList to a PreparedStatement in Oracle?

Upvotes: 1
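
The bind-variable approach for an IN list, as an added example that is not part of either answer: one "?" is generated per value and each value is bound with setInt, so the field text never becomes part of the SQL. The class and method names (ActivoQuery, parseIds, placeholders, buildSql, prepare) and the column name id_categoria are assumptions; the table activo and the column id_oficina come from the question.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

public class ActivoQuery {
    // Field text such as "1,2" becomes integers; anything else throws NumberFormatException.
    static List<Integer> parseIds(String csv) {
        List<Integer> ids = new ArrayList<>();
        for (String part : csv.split(",")) ids.add(Integer.parseInt(part.trim()));
        return ids;
    }

    // One "?" per value, e.g. 3 -> "?,?,?".
    static String placeholders(int count) {
        if (count < 1) throw new IllegalArgumentException("IN list must not be empty");
        return String.join(",", Collections.nCopies(count, "?"));
    }

    // The SQL text depends only on how many values there are, never on their content.
    static String buildSql(int oficinas, int categorias) {
        return "select * from activo where id_oficina in (" + placeholders(oficinas)
             + ") and id_categoria in (" + placeholders(categorias) + ")"; // id_categoria: assumed name
    }

    // Binds each value as a typed parameter in placeholder order (JDBC indexes start at 1).
    static PreparedStatement prepare(Connection conn, List<Integer> oficinas,
                                     List<Integer> categorias) throws SQLException {
        PreparedStatement ps = conn.prepareStatement(buildSql(oficinas.size(), categorias.size()));
        try {
            int index = 1;
            for (int id : oficinas) ps.setInt(index++, id);
            for (int id : categorias) ps.setInt(index++, id);
            return ps;
        } catch (SQLException e) {
            ps.close(); // do not leak the statement if binding fails
            throw e;
        }
    }

    public static void main(String[] args) {
        // Constructed sample input matching the values in the question; no database needed.
        List<Integer> oficinas = parseIds("22,23");
        List<Integer> categorias = parseIds("1,2");
        System.out.println(buildSql(oficinas.size(), categorias.size()));
        System.out.println("bind order: " + oficinas + " then " + categorias);
    }
}
```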
