Problem in displaying single quotes

Similar Messages

• How to construct a sql query when field having single quote

  Hi all,
  I have been working on web application , here is my requirement:
  I'm constructing sql statement dynamically from dynamic user input (form data). In one of the field having single quote.
  while executing the query it is getting problem because of single quote .. so how do i resolve my problem.
  single quote should be there. (I'm using Ms-Access as my database).
  Thanks in advance
  abel

  Use PreparedStatement. Always. It not only eases setting Java objects in a SQL query, but also protects you against SQL injections.
  Prepare yourself: [http://java.sun.com/docs/books/tutorial/jdbc/basics/prepared.html].

• Getting rid of single quotes and other bad characters

  Hello All-
  I am writing a servlet that takes a value from a form, and saves it to a database. However, when single quotes, and other illegal characters are entered, i get all sorts of errors. I am certain their is some function that would take care of all of this.
  Help!

  Hi there,
  When you try to insert single quotes into the database it gives an error or problem because a single quote is a reserved character in the database.
  If you want to store a single quote or any other character that is reserved in the database then you need to find out how to escape that reserved character.
  One option is to use the single quote twice, so instead of ' , use '' (not double quote but , type single quote twice).
  Another option is to use HTML entity code for single quote
  "Message was edited by:
  appy77

• IN operator with single quotes

  Hi All,
  I am having problem dealing with Single Quotes with IN operator. Below procedure will explain my problem:
  create or replace procedure sp_countemp
  p_empnames       in   varchar2
  is
  v_cnt            integer:=0;
  BEGIN
  select count(*) into v_cnt from emp where ename in (p_empnames);
  DBMS_OUTPUT.PUT_LINE(v_cnt);
  END;I will be getting p_empnames as 'ALLEN','SMITH'
  But I am not getting any records here.
  Thanks,
  Danish

  Hope this helps..
  DECLARE
    TYPE strarray IS TABLE OF VARCHAR2(100);
    p_empnames STRARRAY;
    v_tot INTEGER :=0;
    v_cnt INTEGER := 0;
  BEGIN
    p_empnames := strarray('Allen','Smith');
    FOR i IN p_empnames.FIRST .. p_empnames.LAST LOOP
        SELECT COUNT(*) INTO v_tot FROM emp WHERE ename = p_empnames(i);
        v_cnt := v_cnt + v_tot;
    END LOOP; 
    DBMS_OUTPUT.PUT_LINE('Count '||v_cnt);
  END;
  Count 2

• XML invalid character -  a single quote problem

  Hi, I am reading in an xml file, then write the file to output. The problem is that the input file has a strange single quote character [ *�*  ] - lets call it single quoate A, which is different from [  *'*  ] , that is the key next to the [ ; ] key on an English keyboard - lets call it single quate B. And in fact there isnt a key to input single quote A, I guess the appearance of single quote A is due to encoding.
  If I open the input xml file in browser, it works ok and displays the single quote A.
  Once I read in the xml file into memory, by debugging I can still see that single quote A is corrected encoded;
  However once I rewrite the same content to output, the single quote A character is changed, and if i open the file in browser, it says 'invalid character' because single quote A were changed when written to output and cannot be rendered.
  Both input and output xml are using UTF-8 encoding. How can I solve this problem please?
  The xml file looks:
  <?xml version="1.0" encoding="UTF-8" ?>
  <content>....1980�s (Peacock and Williams, 1986; Keay, 1984)</content> My code for reading
  String _xquery ="//content/text()";
  Document _xmlDoc= DocumentBuilderFactory.newInstance().newDocumentBuilder().parse("myxml.xml");
  XPath _xpath = XPathFactory.newInstance().newXPath();
  NodeList nodes = (NodeList) _xpath.compile(query).evaluate(_xmlDoc, XPathConstants.NODESET);
  List<String> res = new ArrayList<String>(nodes.getLength());
  for (int i = 0; i < nodes.getLength(); i++) {
      res.add(nodes.item(i).getNodeValue());
  String valueToOuput=res.toString() //this is the value to be output to xml, it shoud look like "[....1980�s (Peacock and Williams, 1986; Keay, 1984)]"my code for writing xml
  Element root=new Element("root");;
  Element content= new Element("output-content")
  content.setText(valueToOutput);
  root.addContent(content);
  PrintWriter writer = new PrintWriter(new FileWriter(f));
  new XMLOutputter().output(domDocument, writer);
  writer.close();

  Hi, sorry I have fixed the problem... instead of using PrintWriter, I used Fileoutputstream, and it solved the problem. Thanks!

• RWRUN60: Problem with parameter value containing space between single quote

  Hi All
  I'm using RWRUN60 to generate my report by following way:
  C:\orant\BIN\RWRUN60.EXE userid=DBUser/dbpasswor@db BACKGROUND="NO" BATCH="YES" DESFORMAT="pdf" DESNAME="C:\report.pdf" DESTYPE="FILE" ORIENTATION="LANDSCAPE" PARAMFORM="NO" P_REPORTID="2431" P_REPORTNAME="Report Name" report="C:\report.rdf" P_WHERE="StartDate>=to_date('2011-07-14 10-37-00','YYYY-MM-DD HH24-MI-SS')"
  When I tried to run given command above nothing was executed executed and any log didnt created.
  I found out that problem occurs when text between two single quotes contains spaces. In my case it is a parameter P_WHERE. I need to keep such format because it is part of report query.
  When I removed last parameter from command RWRUN60 successfully genereate pdf document.
  Further I added new test parameter P_TEST(it is ignored by rdf) in the end of command line following:
  P_TEST="test '11'" - rwrun60 generates report
  P_TEST="test '1 1'" - rwrun60 doesn't; generate report
  Can somebody help how to resolve given problem. Is it parsing bug or what else?

  Spaces on command lines a very often a bad idea. Get rid of them by changing the command, e.g.:
  to_date('2011-07-14:10-37-00','YYYY-MM-DD:HH24-MI-SS')

• Mssql single quote problem!

  Hi,
  I user servlet to update MS SQL2000. My problem is there is a single quote inside a text string!
  I can't use double quote for string, as it is not a valid statement for MSSQL. I need to use single quote, but there is single quote inside the string, how can I handle the string?
  String mstrnig="I'm a boy";
  String mSQL = "UPDATE news SET " + "title='" + mstring + "' WHERE code =" + mcode;
  Thanks

  the cleanest and easiest soln is to use preparedStatement.
  PreparedStatement ps = con.prepareStatement("update table comment=? where id = ?");
  ps.setString(1,"That's way to do it");
  ps.setInt(1,8);//some itn value
  ps.execute();

• Single Quote causing problem in XPATH

  The workflow was working fine until one of the fields had a single quote in the string and caused the update action to stall.
  Using the Execute SQL query module I am updating data in an Oracle table. The query looks like this
  UPDATE GSI_FEEDBACK_FORM_HEADERS
  SET SITE_STREET = '{$ /process_data/xfaform/object/data/xdp/datasets/data/form1/Details/site_street $}',
  SITE_STREET2 = '{$ /process_data/xfaform/object/data/xdp/datasets/data/form1/Details/site_street2 $}'
  One of the forms had the street value
  "Connah's Quay Deeside". I figured out that the single quote is causing the module to read it as the end of the XPATH, hence causing a "SQL command not ended properly" error.
  Any suggestions to oversome this issue.
  Aditya

  No problem
  It also:
  Makes your SQL look much neater.
  You can type in "test" values for the parameters, so that you can test your SQL statement and see the results.
  Howard
  http://www.avoka.com

• Problem in insertion with string containing   ' (single quote)

  i have a text field in jsp.
  when i submit the content need to be inserted/updated.
  when the text field contains character's with single quote( ' )..
  i am unable to insert/update values in database..
  where as if the text field contains characters without single quote..there is no problem in Database insertion/updation.
  i am using create statement .. and oracle database..
  can any one help ...

  The usual answer for this in the JDBC forum (where this should have been posted because it's completely about JDBC) is to use a PreparedStatement.

• Problem with lookup-table and single quotes

  SOA Suite 10.1.3.3. I have an ESB project with an XSLT map that uses orcl:lookup-table to translate values. I use this instead of lookup-dvm because I want non-IT users to manage the mappings without having access to the ESB Console.
  According to the doco:-
  G.1.79 lookup-table
  orcl:lookup-table(table, inputColumn, key, outputColumn, datasource)
  This function returns a string based on the SQL query generated from the parameters.
  The string is obtained by executing:
  SELECT outputColumn FROM table WHERE inputColumn = key
  The problem I'm having is that it seems if "key" contains a single quote (i.e an apostrophe), then lookup-table fails to find the corresponding value - even though the value in table.inputColumn also contains the single quote.
  I've put the incoming into an XSL variable, but to no avail.
  <xsl:variable name="incoming">
  <xsl:value-of select="/obj1:DEV_MESSAGE_TYP/DATA1"/>
  </xsl:variable>
  <xsl:variable name="dvm-text">
  <xsl:value-of select="orcl:lookup-table('MYTABLE','INVAL',$incoming,'OUTVAL','ds/dev')"/>
  </xsl:variable>
  Are there any XSLT Gurus out there that have come across this or can think of ways around it?
  Thanks in advance...
  Regards,
  Greg

  Ok - the above was on the right track but wasn't 100% because it can't handle more than 1 single quote (apostrophe) in the input to lookup-table.
  I've since found a better solution - an XSLT re-usable template that operates recursively and so can replace multiple occurances of single quotes. I've modified it to handle a null input value, otherwise lookup-table will just return the value of the first row in the lookup table - doh! The way I've done it below, if null is passed in, then null will be returned.
  This goes at the top of your XSLT map file...
  <!-- reusable replace-string function -->
  <xsl:template name="replace-string">
  <xsl:param name="text"/>
  <xsl:param name="from"/>
  <xsl:param name="to"/>
  <xsl:choose>
  <xsl:when test="contains($text, $from)">
       <xsl:variable name="before" select="substring-before($text, $from)"/>
       <xsl:variable name="after" select="substring-after($text, $from)"/>
       <xsl:value-of select="$before"/>
       <xsl:value-of select="$to"/>
  <xsl:call-template name="replace-string">
  <xsl:with-param name="text" select="$after"/>
  <xsl:with-param name="from" select="$from"/>
  <xsl:with-param name="to" select="$to"/>
       </xsl:call-template>
  </xsl:when>
  <xsl:when test="$text=''">NULL</xsl:when>
  <xsl:otherwise>
  <xsl:value-of select="$text"/>
  </xsl:otherwise>
  </xsl:choose>
  </xsl:template>
  Then you call it from within the XSLT map as follows:-
  <!-- if contains a single quote, replace with 2x single quotes. This makes lookup-table work! -->
  <xsl:variable name="incoming">
  <xsl:call-template name="replace-string">
  <xsl:with-param name="text" select="inp1:myinputfield"/>
  <xsl:with-param name="from">'</xsl:with-param>
  <xsl:with-param name="to" select="'&amp;apos;&amp;apos;'"/>
  </xsl:call-template>
  </xsl:variable>
  <xsl:variable name="dvm-text">
  <xsl:value-of select="orcl:lookup-table('MYLOOKUPTABLE','INVAL',$incoming,'OUTVAL','ds/dev')"/>
  </xsl:variable>
  <!-- lookup-table returns null if input value not found. Output original value instead -->
  <xsl:choose>
  <xsl:when test="$dvm-text=''">
  <xsl:value-of select="inp1:myinputfield"/>
  </xsl:when>
  <xsl:otherwise>
  <xsl:value-of select="$dvm-text"/>
  </xsl:otherwise>
  </xsl:choose>
  Much Thanks to everyone who shares information and methods on the Internet!
  Cheers,
  Greg

• Suppress the single quote when display downloaded file in EXCEL

  I have a requirement to keep all the cells contents left-justisfied when display in EXCEL. I used GUI_DOWNLOAD and concatenate a single quotes to the numeric fields in my internal table. However, when open the file in EXCEL, the single quote show up in the cell also. Anyone knows how to suppress the single quote when open in EXCEL? Here are my codes:
  concatenate '''' itab-field2 into itab-field2.
  modify itab.
     CALL FUNCTION 'GUI_DOWNLOAD'
       EXPORTING
         filename                      = 'c:test_xls.xls'
         FILETYPE                      = 'ASC'
         WRITE_FIELD_SEPARATOR         = 'X'
       tables
         data_tab                      = itab.
  Thank you,

  Check the below program :
  REPORT ZJOINS message-id z01. .
  *REPORT ZTEST3 line-size 400.
  DATA : V_CHAR(1) TYPE C VALUE ''''.
  data : v_field(12) type c.
  data : begin of itab occurs 0,
         fld1(12) type c,
         end of itab.
  start-of-selection.
  v_field = '0000012345'.
  CONCATENATE V_CHAR  V_FIELD  INTO V_FIELD.
  itab-fld1 = v_field.
  append itab.
  CALL FUNCTION 'WS_DOWNLOAD'
  EXPORTING
    BIN_FILESIZE                  = ' '
    CODEPAGE                      = ' '
      FILENAME                      =
      'C:\Documents and Settings\smaramreddy\Desktop\fff.xls'
     FILETYPE                      = 'ASC'
    MODE                          = ' '
    WK1_N_FORMAT                  = ' '
    WK1_N_SIZE                    = ' '
    WK1_T_FORMAT                  = ' '
    WK1_T_SIZE                    = ' '
    COL_SELECT                    = ' '
    COL_SELECTMASK                = ' '
    NO_AUTH_CHECK                 = ' '
  IMPORTING
    FILELENGTH                    =
    TABLES
      DATA_TAB                      = itab
    FIELDNAMES                    =
  EXCEPTIONS
     FILE_OPEN_ERROR               = 1
     FILE_WRITE_ERROR              = 2
     INVALID_FILESIZE              = 3
     INVALID_TYPE                  = 4
     NO_BATCH                      = 5
     UNKNOWN_ERROR                 = 6
     INVALID_TABLE_WIDTH           = 7
     GUI_REFUSE_FILETRANSFER       = 8
     CUSTOMER_ERROR                = 9
     OTHERS                        = 10
  IF SY-SUBRC <> 0.
  MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
          WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
  ENDIF.
  I just tried one field in internal table,i am not sure this program help you
  Thanks
  Seshu

• Single quot problem

  Hi friends
  Under given code is written in JSP page and passing userid in servlet
  document.form1.action="../servlets/myServelt?userid=abc'"Please check abouve line last character is double quout(") and second last character is single quot ( ' ).
  my problem is when i pass user id in servlet i got questation mark instead of single quot.
  I have to allow single quot in userid due to some reason. so i can't remove single quot.
  please help me how can i got single quot instead of questation mark ?
  Thanks
  virendra

  I don't think you are allowed to pass a single quote (apostrophe) over URLs. Web standards limit the characters that are allowed to be used to make room for protocol features.
  My guess is that you will need to URLEncode the string:
    <% String encodedGoTo = URLEncode("../servlets/myServelt?userid=abc'", "UTF-8"); %>
    document.form1.action="<%=encodedGoTo%>";

• Single quote problem

  Hi everyone,
  I'm new to sql/plsql and having problems with the following
  and1 := ' AND CS.COMPANY_NAME LIKE ''% ' || 'information' || ' %'' ';
  or1 := ' OR CS.COMPANY_NAME LIKE '' || 'information' || ' %'' ';
  or2 := ' OR CS.COMPANY_NAME LIKE ''% ' || 'information' || '' ';
  dbms_output.put_line(and);
  dbms_output.put_line(or1);
  dbms_output.put_line(or2);
  and1,or1, or2 are declared as varchars. Its giving the following error for the second line (or1):
  83/43 PLS-00103: Encountered the symbol "information" when expecting
  one of the following:
  . ( * @ % & = - + ; < / > in mod not rem an exponent (**)
  <> or != or ~= >= <= <> and or like between is null is not ||
  is dangling
  Any help is greatly appreciated.

  Hi Alex,
  Here is what im trying to do. I am trying to loop through the tokens in company name (compName) in the below example. Lets say compName is 'company information', I need to have the following clauses in my query:
  AND ( CS.COMPANY_NAME LIKE '% company % '
  OR CS.COMPANY_NAME LIKE 'company %'
  OR CS.COMPANY_NAME LIKE '% company' )
  AND ( CS.COMPANY_NAME LIKE '% information % '
  OR CS.COMPANY_NAME LIKE 'information %'
  OR CS.COMPANY_NAME LIKE '% information' )
  At the moment I only have the and clauses and am missing the or clauses. I was having trouble with single quotes and posted the original problem to get a better idea of what was going on. I am completely new to this. Here's the code:
       WHILE end_pos <> 0 LOOP
            end_pos := instr(compName ,' ',start_pos);
            IF end_pos <> 0 THEN
            token_count := token_count + 1;
            token := substr(compName , start_pos, end_pos - start_pos);
            vSQL := vSQL || ' AND CS.COMPANY_NAME LIKE ''% ' || token || ' %'' ';
                      start_pos := end_pos + 1;
                 END IF;
            END LOOP;
            IF token_count = 0 THEN
                 token_count := 1;
                 token := compName ;
                 vSQL := vSQL || ' AND CS.COMPANY_NAME LIKE ''% ' || token || ' %'' ';
                 ELSE
                 token_count := token_count + 1;
                 token := substr(P_COMP_BUS_NAME, start_pos);
                 vSQL := vSQL || ' AND CS.COMPANY_NAME LIKE ''% ' || token || ' %'' ';
            END If;
  Any help or advice is welcome and appreciated.

• Single Quote problem with javascript

  Hello;
  I have a custom popup search page that work very well most times. if the data that I am passing back to me calling page has a single quote in it the popup page fails. Take a look at this URL that is called and you van see why the single quote is causing the problem.
  javascript:passBackSearch('413','TOM'S GRILL')

  To make it more clear, it should be
  javascript:passBackSearch('413',"TOM'S GRILL") Patrick
  My APEX Blog: http://inside-apex.blogspot.com
  The ApexLib Framework: http://apexlib.sourceforge.net
  The APEX Builder Plugin: http://sourceforge.net/projects/apexplugin/

• Single quotes problem with execute immediate

  Thanks for considering to solve the issue.
  [i]Situation:
  I am trying to create a procedure to perform a set of operations. As part of that, I am trying to create a table using execute immediate statement. This create table statement has a select sub query where p_LOB3 is the variable for the procedure of datatype varchar2.
  Problem :
  I need to pass the variable p_LOB3 as single quoted as it is of type Varchar2. Also I need to enclose the entire create table query within single quotes. How do I specify this as it is throwing an error when the PL/SQL engine is parsing the single quotes in the query used twice for different purposes as mention earlier.
  Query:
  execute immediate'create table test5 as select min(contract_number)as contract_number,contact_id,max(line_of_business) as line_of_business from mytable group by contact_id having min(contract_number) = max(contract_number) and max(Line_of_business) = 'p_LOB3' ';

  Thank you Todd,
  Is just worked fine.
  New issue is: I am not able to put 2 such statements in a single procedure and execute. Before I give parameters to the procedure, PL/SQL engine is actually creating a view of the mytable and naming is as test5, as a result I am not able to create a table as there is a view with the same name.
  Right now, the workaround I am using is to create three different procedures to create three such tables. I know this is not a good idea....can you please tell me if there is a better way.
  Procedure
  CREATE OR REPLACE PROCEDURE SP_CREATE_0_0(p_LOB1 IN varchar2, p_LOB2 IN varchar2)
  IS
  BEGIN
  execute immediate 'create table test5 as select min(contract_number) as
  contract_number,contact_id,max(line_of_business) as line_of_business from
  mytable group by contact_id having min(contract_number) = max(contract_number)
  and max(Line_of_business) = ' ' ' || p_LOB1 || ' ' ' ';
  execute immediate 'create table test5 as select min(contract_number) as
  contract_number,contact_id,max(line_of_business) as line_of_business from
  mytable group by contact_id having min(contract_number) = max(contract_number)
  and max(Line_of_business) = ' ' ' || p_LOB1 || ' ' ' ';
  END SP_CREATE_0_0;
  /