[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postgis-users
Subject:    Re: [postgis-users] Inserting geometries using a JDBC
From:       Yeroc <cplists () gmail ! com>
Date:       2006-07-25 19:33:20
Message-ID: 5491717.post () talk ! nabble ! com
[Download RAW message or body]


Guido,

Yes I removed the single (') quotes.  JDBC drivers are supposed to handle
all the quoting for you.  This is a good thing in general since you don't
have to worry about the idiosyncracies of different databases.  Using
PreparedStatements and a properly-written JDBC driver will also protect you
from SQL injection since the driver takes care escaping/quoting things
properly.

Corey


Guido Lemoine wrote:
> 
> So, did you remove the single ' quotes? I had to revise the code that used
> an old JDBC driver (requiring the ' quote) to the new 8.x driver where the
> use of the quote causes an error. Obviously a JDBC driver problem then.
> On the "back-end" you still need the quote, i.e. when using psql. It's
> nice
> that the new driver takes care of the quotes, but not really consistent. I
> would expect the SQL statements in my Java code to be more or less the
> same as in psql.
> 
-- 
View this message in context: \
http://www.nabble.com/Inserting-geometries-using-a-JDBC-PreparedStatement-tf1993730.html#a5491717
 Sent from the PostGIS - User forum at Nabble.com.


[prev in list] [next in list] [prev in thread] [next in thread]