Tuesday, 15 September 2015

java - inserting into access database apostrophe issue -


I am trying to get some information in an Access database of a website. I am creating beans with information from the website and then I will send that bean to the database. The problem is that with some exceptions, some things have been blocked in the database. Exceptions -

  net.ucanaccess.jdbc.UcanaccessSQLException: unexpected token (tokens required):  

So what Ive checked in common with the values That this exception is creating an apostrophe, every value which is calling an exception, there is an apostrophe in it, and I can not really change it yet. So I'm wondering how can I get that apostrophe in ucanaccess that can use without any exception?

The query statement

  stmnt = conn.prepareStatement ( "insert probe Table1 (doctorName, details, specialty1, specialty2, personalSite, clinic1, phone1, clinic2, Phone2, Clinic3, phone3, worksWith) values ​​(?,?,?,?,?,?,?,?,?,?,?,?, ') ;? stmnt.setString (1, tempBean.getDoctorName ()); stmnt.setString (2 Tempbinkgetdeskripshn ()); Stmntksetstring (3 Tempbinkgetspeshlitil ()); Stmntksetstring (4 Tempbinkgetspeshliti2 ()); Stmntksetstring (5 Tempbinkgetpersonlsite ()); Stmnt .setString (6, tempBean.getClinic1 ()); stmnt.setString (7, tempBean.getPhone1 ()); stmnt.setString (8, tempBean.getClinic2 ()); stmnt.setString (9, tempBean.getPhone2 ()) ; Stmntksetstring (10, Tempbinkgetclinik3 ()); Stmntksetstring (11 Tempbinkgetfone3 ()); Stmntksetstring (12 Tempbinkgetvrksvith ()); Stmnt.aksekyuteupdate ();  

Y ou are facing a common problem called SQL injection.

The way to ensure this with Java that does not prepare ready access locations. Take a look at the second question for a good example.


1 comment: