Page 2 of 2 FirstFirst 12
Results 21 to 23 of 23
  1. #21
    porchrat is offline Senior Member
    Join Date
    Mar 2009
    Posts
    105
    Rep Power
    0

    Default

    OK so MySQL escapes it down to '\\' but the PreparedStatement escapes it back to '\\\\'?

    That would definitely explain what I'm seeing here. Why would this happen for PreparedStatement and not for Statement? Is it something to do with the setString method?

  2. #22
    Tolls is offline Moderator
    Join Date
    Apr 2009
    Posts
    12,009
    Rep Power
    20

    Default

    No.
    The PreparedStatement comes first.

    Yourcode -> JDBC -> database

    That's the order.

    The reason for prepared statements is to allow for automatic escaping of strings (as well as other stuff, but that's the important bit here). If you were to concatenate a query together (for example) and use a statement then you would have to take into account any odd characters put in by the user via the front end and escape them by hand. With e PS you can simply pass the String into setString and it'll do all that for you.

  3. #23
    porchrat is offline Senior Member
    Join Date
    Mar 2009
    Posts
    105
    Rep Power
    0

    Default

    Ah OK that clears it up for me. Thank you so much Tolls :)

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Replies: 0
    Last Post: 12-09-2010, 05:56 PM
  2. Replies: 0
    Last Post: 09-28-2010, 09:52 AM
  3. PreparedStatements
    By lompic in forum New To Java
    Replies: 0
    Last Post: 04-14-2010, 12:59 PM
  4. BinaryStream with PreparedStatements
    By atom86 in forum Advanced Java
    Replies: 3
    Last Post: 10-21-2009, 11:54 AM
  5. Replies: 2
    Last Post: 01-23-2009, 04:09 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •