Markus Schaber wrote:
> Hi, Mark,
>
> Mark Lewis <mark(dot)lewis(at)mir3(dot)com> wrote:
>
>
>>> You don't generally need to escape your strings if you're using
>>> PreparedStatements.
>>>
>>>
>> The only exception to this rule is backslashes and (when using LIKE) the
>> '%' and '_' characters. Although if you're running 8.2 and turn the
>> standard_conforming_strings setting ON then you don't need to worry
>> about backslashes.
>>
>
> That sounds confusing.
>
> I always thought that the Strings that I set with setString() don't
> have to be escaped at all, the Driver will handle it transparently (by
> either escaping for V2 protocol, or using BIND with the appropriate
> encoding).
>
> But, of course, when I have a String Literal in the source, I need to
> add a layer of Java escaping for ", \, and some others.
>
>
I suppose you've missed the main: "you need to escape only when you are
using LIKE".