You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@juddi.apache.org by Jin Tong <ni...@yahoo.com> on 2003/07/30 10:23:11 UTC
[juddi-Developers] jdbc query construction approaches
Hi:
I feel it is better to send to this list rather than
the uses list.
Well I hit a bug in Systinet UDDI server (v4.5). When
I was doing any
kind of search using a string that contains "'" --
apostrophe, I got the
sql error. Apostrophes are not properly escaped in
their SQL. This leads
me to try out jUDDI. I found the same thing.
I realize in jUDDI all the sql queries are built on
the fly be appending
the query parameters. It is going to be a long list of
bug report for
this issue.
Using prepared statement might complicate the code
even further, but it
avoids with the above special sql character problem
and also will help
improve performance (I heard in the case of Oracle db,
e.g., their jdbc
drivers will optimize for prepared statement).
However, just to get it
to work, some generic routine to properly escape all
the sql characters
will also fine.
Thanks,
--Jin
BTW, Systinet UDDI 4.5.2 seem to have resolved this
sql problem:)
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com