commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chad Johnson" <ch...@netnet.net>
Subject Re: Possible addition to StringUtils
Date Mon, 10 Dec 2001 21:57:35 GMT
Hey,
  Hmm, I do like this take on the method(s).  Instead, of going to great
lengths to make it DB compatible, just lay the ground work that make the
substituting possible.  The method itself would work similar to replace()
except it would need to check if the character in question is already
escaped.


-Chad Johnson

----- Original Message -----
From: "Scott Sanders" <ssanders@nextance.com>
To: "'Jakarta Commons Developers List'" <commons-dev@jakarta.apache.org>
Sent: Monday, December 10, 2001 2:11 PM
Subject: RE: Possible addition to StringUtils


> Would it not be useful to have a generic string escaper, that says for
> character x in a string, escape it with y?
>
> Scott Sanders
>
> > -----Original Message-----
> > From: Jason van Zyl [mailto:jvanzyl@zenplex.com]
> > Sent: Sunday, December 09, 2001 7:09 PM
> > To: Jakarta Commons Developers List
> > Subject: Re: Possible addition to StringUtils
> >
> >
> > On 12/9/01 9:14 PM, "Chad Johnson" <chadj@csoft.net> wrote:
> >
> > > Hey,
> > > Just wondering if a method that escapes single and double
> > quotes, and
> > > other potential SQL query breaking characters has been
> > considered for
> > > addition to the StringUtils class?
> >
> > Probably not. I'd say that's a little specific and the
> > quoting schemes are sometimes different for different
> > databases. This type of string manipulation that's database
> > specific should probably be handled in your persistence
> > mechanism. In Torque (http://jakarta.apache.org/turbine/torque)
> > the behaviour of a particular database is modeled in an
> > individual class, quoting is handled here.
> >
> > >  I'd imagine this would be usefull when
> > > using a prepared statement for query construction with
> > insecure data
> > > isn't an option.
> >
> > You would probably get into the case of looking at the
> > database type and having a bunch of variants of the method to
> > deal with the database. This is handled in Torque but in
> > general I say it should be handled in your persistence mechanism.
> >
> > > -Chad Johnson
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <mailto:commons-dev-> unsubscribe@jakarta.apache.org>
> > > For
> > additional commands,
> > e-mail:
> > > <mailto:commons-dev-help@jakarta.apache.org>
> >
> > --
> >
> > jvz.
> >
> > Jason van Zyl
> >
> http://tambora.zenplex.org
> http://jakarta.apache.org/turbine http://jakarta.apache.org/velocity
> http://jakarta.apache.org/alexandria
> http://jakarta.apache.org/commons
>
>
>
> --
> To unsubscribe, e-mail:
> <mailto:commons-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:commons-dev-help@jakarta.apache.org>
>
>
>
> --
> To unsubscribe, e-mail:
<mailto:commons-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
<mailto:commons-dev-help@jakarta.apache.org>
>


--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message