Select in MySQL ignoring single quotes

Question

Select in MySQL ignoring single quotes

Navigation

#1 by (1 votes)
#2 by (0 votes)

0

Hello How can I use this select and ignore value with single quotes?

.
.
.st.executeQuery("select * from tabela_A where id = uc");

        rs = st.getResultSet();


        while (rs.next()) {

                texto = rs.getString("rua")
           }...

... the problem is that when the street is for example Step_Dial, I want to delete this single quotation mark, otherwise I will have an error following the system ...

ps. the select is being done in MYSQL, and the return (rs.getString) used in a JSP page.

mysql javascript select

asked by anonymous 02.12.2016 / 17:34

2 answers

0

You have to treat this input by putting a function to put \ '(against slash) in the quotation marks and elements that can interfere with the sql query.

I believe this link Block javascript and sql attack -injection in the same string can help you.

02.12.2016 / 17:51

How to get an image of the save screen in the project folder and save the path in Mysql database? Multiple if in an SQL condition

score 1 · Accepted Answer

1

You can handle the return soon in the result.

texto = rs.getString("rua");
if (null != texto) {
  texto = texto.replaceAll("\'","");
}

02.12.2016 / 17:54