while working on jdbc, i wanted to filter out invalid character in sql statement such as "'" the single quote. the way i first did is
newSql = orgSql.replaceAll("'", "\'");
it works? doh no! after a little bit searching i found the solution here Avoid the dreaded replaceAll method, the correct way to do it should be
newSql = orgSql.replaceAll("'", \\\\\');
5 slashes, yes, because this statement goin to compile 2 times before it being execute, so java will eat 2 them, regex will eat another 2. the remaining will be "\'". elegant right?
talking about jdbc, in previous java game server, i was using hibernate for the job, but it give me very big headache, the lazyness feature don't work on me at all, give me bunch of exception, at the end i have to manually store the data in heap. after that i seared i'll use jdbc instead.
No comments:
Post a Comment