From: | "Thomas O'Dowd" <tom(at)nooper(dot)com> |
---|---|
To: | pgsql-jdbc(at)postgresql(dot)org |
Subject: | Escape Processing problems |
Date: | 2001-08-28 14:57:21 |
Message-ID: | 20010828235721.H32410@beast.uwillsee.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-jdbc |
Hi all,
The Connection.EscapeSQL() routine is broken IMHO . Actually, I'm not
sure why it is trying to fix strings starting with "{d" in the first place?
Anyway, currently I've turned it off in the statement with
setEscapeProcessing(false)
The problem I'm having is that "{d" appears in the data that I'm trying
to store and its not a date. So data like the following...
.....blahhh}; {blahhh }; {docs=""};
is turning into...
.....blahhh}; {blahhh }; ocs="" ;
^^ ^
What's more is if I have something like "{d....." and there is no ending
brace, it will throw a StringIndexOutOfBoundsException as the return
value of the indexOf() looking for the closing brace will not find one
and thus setCharAt() will use an illegal index of -1 :(
The routine is below for reference... Can anyone explain why it is trying
to do this on me in the first place. I would think escape processing would
do something a little different like watching my single quotes etc.
public String EscapeSQL(String sql) {
//if (DEBUG) { System.out.println ("parseSQLEscapes called"); }
// If we find a "{d", assume we have a date escape.
//
// Since the date escape syntax is very close to the
// native Postgres date format, we just remove the escape
// delimiters.
//
// This implementation could use some optimization, but it has
// worked in practice for two years of solid use.
int index = sql.indexOf("{d");
while (index != -1) {
//System.out.println ("escape found at index: " + index);
StringBuffer buf = new StringBuffer(sql);
buf.setCharAt(index, ' ');
buf.setCharAt(index + 1, ' ');
buf.setCharAt(sql.indexOf('}', index), ' ');
sql = new String(buf);
index = sql.indexOf("{d");
}
//System.out.println ("modified SQL: " + sql);
return sql;
}
Cheers,
Tom.
--
Thomas O'Dowd. - Nooping - http://nooper.com
tom(at)nooper(dot)com - Testing - http://nooper.co.jp/labs
From | Date | Subject | |
---|---|---|---|
Next Message | T.R.Missner | 2001-08-28 15:12:25 | RE: Fastpath error on solaris 2.8 pgsql 7.1.3 |
Previous Message | Tom Lane | 2001-08-28 13:14:57 | Re: [GENERAL] Regarding vacuumdb |