Skip site navigation (1) Skip section navigation (2)

Re: Escape Processing problems

From: Barry Lind <barry(at)xythos(dot)com>
To: "Thomas O'Dowd" <tom(at)nooper(dot)com>
Cc: pgsql-jdbc(at)postgresql(dot)org
Subject: Re: Escape Processing problems
Date: 2001-08-28 19:55:19
Message-ID: 3B8BF727.2030506@xythos.com (view raw or flat)
Thread:
Lists: pgsql-jdbc
Thomas,

This is doing exactly what it is supposed to according to the JDBC Spec. 
  In fact there are a bunch of other '{X  }'  things that the Spec 
defines that it should also be handling.

thanks,
--Barry

Thomas O'Dowd wrote:
> Hi all,
> 
> The Connection.EscapeSQL() routine is broken IMHO . Actually, I'm not
> sure why it is trying to fix strings starting with "{d" in the first place?
> 
> Anyway, currently I've turned it off in the statement with
> setEscapeProcessing(false)
> 
> The problem I'm having is that "{d" appears in the data that I'm trying
> to store and its not a date. So data like the following...
> 
> .....blahhh}; {blahhh }; {docs=""};
> 
> is turning into...
> 
> .....blahhh}; {blahhh };   ocs="" ;
>                          ^^      ^
> 
> What's more is if I have something like "{d....." and there is no ending 
> brace, it will throw a StringIndexOutOfBoundsException as the return
> value of the indexOf() looking for the closing brace will not find one
> and thus setCharAt() will use an illegal index of -1 :(
> 
> The routine is below for reference... Can anyone explain why it is trying
> to do this on me in the first place. I would think escape processing would
> do something a little different like watching my single quotes etc.
> 
>     public String EscapeSQL(String sql) {
>       //if (DEBUG) { System.out.println ("parseSQLEscapes called"); }
> 
>       // If we find a "{d", assume we have a date escape.
>       //
>       // Since the date escape syntax is very close to the
>       // native Postgres date format, we just remove the escape
>       // delimiters.
>       //
>       // This implementation could use some optimization, but it has
>       // worked in practice for two years of solid use.
>       int index = sql.indexOf("{d");
>       while (index != -1) {
>         //System.out.println ("escape found at index: " + index);
>         StringBuffer buf = new StringBuffer(sql);
>         buf.setCharAt(index, ' ');
>         buf.setCharAt(index + 1, ' ');
>         buf.setCharAt(sql.indexOf('}', index), ' ');
>         sql = new String(buf);
>         index = sql.indexOf("{d");
>       }
>       //System.out.println ("modified SQL: " + sql);
>       return sql;
>     }
> 
> Cheers,
> 
> Tom.
> 



In response to

Responses

pgsql-jdbc by date

Next:From: Barry LindDate: 2001-08-28 19:56:50
Subject: Re: Unterminated quoted string error.
Previous:From: Rene PijlmanDate: 2001-08-28 17:31:18
Subject: Re: Re: Proposal to fix Statement.executeBatch()

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group