Bob

Reputation: 157

Escape quotation with backslash

I am trying to insert data into MySQL and, while doing so, ran into an error when the input contains a single quotation mark, which breaks my SQL insert string.

This is my line of code:

    String visitorSql = "INSERT INTO visitor" + "(encryptedEmail)" + "VALUES ('" + encryptedEmail.replace("'", "\\'")+"')";

The syntax error is:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''w+8L8%]/ò“VZ(R?cêíµ–ö\')' at line 1

I've encrypted the email for the sake of privacy. Any other ideas on how I should code it to escape the quotation?

Upvotes: 1

Views: 52

Answers (1)

Jaydeep Rajput

Reputation: 3673

You have to replace all the single quotes (') with '' (2 single quotes) to escape them.

    String visitorSql = "INSERT INTO visitor(COLUMN_NM) VALUES ('" + encryptedEmail.replace("'", "''")+"')";

Upvotes: 2
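
An added example, not part of the question or the answer above: the same insert written with a JDBC `PreparedStatement`, so the ciphertext is sent as a bound parameter and no quote or backslash in it can change the SQL text. It assumes the ciphertext is available as a `byte[]`, that `encryptedEmail` is a `VARBINARY` or `BLOB` column, and that connection settings come from environment variables whose names are made up for this example.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class VisitorInsert {

    // Table and column names are the ones from the question. The column is
    // assumed to be VARBINARY/BLOB so the ciphertext bytes are stored unchanged.
    private static final String INSERT_SQL =
            "INSERT INTO visitor (encryptedEmail) VALUES (?)";

    /** Inserts one ciphertext and returns the number of rows written. */
    static int insertVisitor(Connection conn, byte[] encryptedEmail) throws SQLException {
        try (PreparedStatement ps = conn.prepareStatement(INSERT_SQL)) {
            // Bound as data: the value is never concatenated into the statement,
            // so there is nothing to escape.
            ps.setBytes(1, encryptedEmail);
            return ps.executeUpdate();
        }
    }

    public static void main(String[] args) throws SQLException {
        // Hypothetical environment variable names, assumed for this example.
        String url = System.getenv("VISITOR_DB_URL");   // e.g. a jdbc:mysql:// URL
        String user = System.getenv("VISITOR_DB_USER");
        String pass = System.getenv("VISITOR_DB_PASS");

        // Constructed sample ciphertext containing ' (0x27) and \ (0x5C),
        // the characters that break a concatenated statement.
        byte[] sample = {0x77, 0x2B, 0x27, 0x5C, 0x27, (byte) 0xF6, 0x5C};

        try (Connection conn = DriverManager.getConnection(url, user, pass)) {
            System.out.println("rows inserted: " + insertVisitor(conn, sample));
        }
    }
}
```

Running it requires the MySQL Connector/J driver on the classpath. If the column has to stay a text type, Base64-encode the ciphertext and bind it with `setString` instead of `setBytes`.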
