You are viewing a plain text version of this content. The canonical link for it is here.
Posted to taglibs-dev@jakarta.apache.org by mo...@apache.org on 2001/03/20 19:12:35 UTC
cvs commit: jakarta-taglibs/jdbc/examples/web jdbc.jsp
morgand 01/03/20 10:12:33
Modified: jdbc/examples/web jdbc.jsp
Log:
added try/catch block to catch errors in InstantDB, which does not
support standard SQL escaping
Revision Changes Path
1.6 +20 -11 jakarta-taglibs/jdbc/examples/web/jdbc.jsp
Index: jdbc.jsp
===================================================================
RCS file: /home/cvs/jakarta-taglibs/jdbc/examples/web/jdbc.jsp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- jdbc.jsp 2001/03/06 21:19:32 1.5
+++ jdbc.jsp 2001/03/20 18:12:27 1.6
@@ -23,7 +23,7 @@
<!-- should be empty -->
<table>
<tr><th>id</th><th>name</th><th>description</th><th>rowCount</th></tr>
-<sql:preparedStatement id="stmt2" conn="conn1">
+<sql:preparedStatement id="stmt2" conn="conn1">
<sql:query>
select id, name, description from test_books
order by 1
@@ -47,13 +47,22 @@
<P><B>Inseting a row using the "statement" tag</B></P>
+<%-- added try block because InstantDB has trouble with SQL escaping --%>
+<% try { %>
<sql:statement id="stmt3" conn="conn1">
<sql:query>
- insert into test_books (id, name)
+ insert into test_books (id, name)
values (3, '<sql:escapeSql>Gravity's Rainbow</sql:escapeSql>')
</sql:query>
<sql:execute/>
</sql:statement>
+<% } catch (javax.servlet.jsp.JspTagException e) { %>
+ <font color="red"<p>Possible SQL error:</p>
+ <dl><dd><%= e.toString() %></dd></dl>
+ <p>Your database (InstantDB?) may not support
+ standard SQL escaping. You will probably have to escape your
+ SQL manually, rather than use the <sql:escapeSql> tags.</p></font>
+<% } %>
<P><B>Showing current contents of the "test_books" table</B></P>
@@ -82,7 +91,7 @@
<P><B>Selecting back the title of book 3, assigning the value to an attribute</B></P>
-<sql:preparedStatement id="stmt5" conn="conn1">
+<sql:preparedStatement id="stmt5" conn="conn1">
<sql:query>
select name from test_books
where id = 3
@@ -102,9 +111,9 @@
<P><B>Inserting that title into a new row with a "preparedStatement" tag, adding
a description</B></P>
-<sql:preparedStatement id="stmt6" conn="conn1">
+<sql:preparedStatement id="stmt6" conn="conn1">
<sql:query>
- insert into test_books (id, name, description)
+ insert into test_books (id, name, description)
values (?, ?, ?)
</sql:query>
<sql:execute>
@@ -119,7 +128,7 @@
<table>
<tr><th>id</th><th>name</th><th>description</th></tr>
-<sql:preparedStatement id="stmt6" conn="conn1">
+<sql:preparedStatement id="stmt6" conn="conn1">
<sql:query>
select id, name, description from test_books
order by 1
@@ -140,7 +149,7 @@
</td>
</tr>
</sql:preparedStatement>
-</table>
+</table>
<p><b>For fun, pretend that the ids are British money</b></p>
@@ -166,7 +175,7 @@
<P><B>Prove that an empty resultset executes the wasEmpty tag</B></P>
-<sql:preparedStatement id="stmt6" conn="conn1">
+<sql:preparedStatement id="stmt6" conn="conn1">
<!-- impossible statement -->
<sql:query>
select id, name, description from test_books
@@ -174,10 +183,10 @@
</sql:query>
<sql:resultSet id="rset4">
<p>
-
+
<!-- show that rowCount works for a no rows -->
retrieved row <sql:rowCount/>
-
+
<sql:getColumn position="1"/>
<sql:getColumn position="2"/>
<sql:getColumn position="3" to="description"/>
@@ -193,7 +202,7 @@
<P><B>Closing the database connection</B></P>
-
+
<sql:closeConnection conn="conn1"/>
<P><B>Connection is closed?</B></P>