Replacing Apostophes for Insert into Database?
This is really stumping me....I have a form within a JSP, and within the form I ahve a text area for comments...
If the comments have an apostrophe in it ...like That's not right....then it causes an error when I try to insert the data into my Access database...it says that there is a missing operator in the syntax...pointing to the comments...
I have been looking for a simple way to replace the apostrophes within the text area before I send it to the database...
Here is the code I have for the database INSERT:
Code:
<%
String name = request.getParameter("Name");
String phn = request.getParameter("Phone");
String loc = request.getParameter("Location");
String rep = request.getParameter("Rep");
String typ = request.getParameter("Type");
String dte = request.getParameter("DateR");
String acct = request.getParameter("acct");
String prod = request.getParameter("Products");
String cust = request.getParameter("custlname");
String resn = request.getParameter("Reasons");
String comm = request.getParameter("comments");
String parsedReqParam = comm.replace('\'','"');
String today = request.getParameter("today");
ddpe.sqltools.SQLTool q= new ddpe.sqltools.SQLTool("sun.jdbc.odbc.JdbcOdbcDriver","CEPweb",true);
q.doSelectQuery("INSERT INTO CEP VALUES('"+name+"', '"+phn+"', '"+loc+"', '"+rep+"', '"+typ+"', '"+dte+"', '"+acct+"', '"+prod+"', '"+cust+"', '"+resn+"', '"+comm+"', '"+today+"')");
out.println(q.getError());
//out.println(today);
q.close();
%>
I sure hope that some of you JAVA gurus are out there to assist a newbie like me???
Thank you.
