cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From MTiffan...@aol.com
Subject Re: ESQL query with ' and " special chars
Date Mon, 19 May 2003 20:36:01 GMT
You could try using the java.net.URLEncoder and java.net.URLDecoder classes 
to encode strings that you're putting into the database, and then decode the 
strings when retrieved. You could try adding the following to your stylesheet 
so that it gets output to your XSP:

// Code follows //

<xsp:structure>
<xsp:include>java.net.*</xsp:include>
</xsp:structure>

<xsp:logic>
private String encodeString(String s)
{
  return URLEncoder.encode(s);
}

private String decodeString(String s)
{
  return URLDecoder.decode(s);
}

</xsp:logic>

//End code//

and then your markup for the SQL blick would change from:



[...]
<esql:query>
  INSERT INTO articles (id, title, body)
  VALUES ( 
    <xsl:value-of select="@id"/>,
    '<xsl:value-of select="title"/>', 
    '<xsl:apply-templates select="body"/>'
  ) 
</esql:query>
[...]

to

[...]
<esql:query>
  INSERT INTO articles (id, title, body)
  VALUES ( 
    <xsp:expr>encodeString(<xsl:value-of select="@id"/>)</xsp:expr>,
    '<xsp:expr>encodeString(<xsl:value-of select="title"/>)</xsp:expr>',

    '<xsp:expr>encodeString(<xsl:apply-templates select="body"/>)</xsp:expr>'
  ) 
</esql:query>
[...]

You would of course need to decode the strings from the databse to make them 
people-readable when retrieved. And again, I used this solution right in XSP, 
so, since your situation is different, your mileage may vary... If you'd like 
code to look at, please email me directly and I'll be happy to send.

HTH,
Michael Tiffany




Mime
View raw message