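// java:
String strTest = "has a '"; // prepare string for the DB
// String is immutable: the replacement call returns a new string, so the result must be
// assigned back or the value stays unescaped. replace() does a literal replacement, which is
// all that is needed here; replaceAll() would treat its first argument as a regex.
strTest = strTest.replace("'", "''"); // strTest ==> has a ''
// Quote doubling is only a fallback. With JDBC, bind the value through a PreparedStatement
// "?" placeholder rather than concatenating it into the statement text.
// The keyword was misspelled "inser" in the original, which made the statement invalid.
String strSql = "insert into test values('" + strTest + "')";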
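// Strictly speaking, validating SQL input always runs into the problem of checking special
// characters. In your case the character is ', which can be handled simply by escaping it as ''.

/**
 * Doubles every single quote in {@code arr} so it can be placed inside a quoted SQL literal.
 *
 * <p>Quote doubling does not account for dialect-specific escape characters (for example
 * backslash escapes) or for values used outside a quoted literal. Prefer a
 * {@code PreparedStatement} with bound parameters wherever the driver supports it.
 *
 * @param arr the raw value; may be {@code null}
 * @return the value with each {@code '} replaced by {@code ''}, or {@code null} if
 *     {@code arr} is {@code null}
 */
public String addQuote(String arr) {
    if (arr != null) {
        arr = StrReplace(arr, "'", "''");
    }
    return arr;
}

/**
 * Replaces every literal occurrence of {@code rFix} in {@code rStr} with {@code rRep}.
 *
 * <p>The original loop skipped only one character past each match
 * ({@code substring(l + 1)}), so a multi-character {@code rFix} left part of the match in
 * the result. {@link String#replace(CharSequence, CharSequence)} removes the whole match and
 * cannot throw here, so the catch-all that hid failures is no longer needed.
 *
 * @param rStr the text to search; {@code null} or empty yields {@code ""}
 * @param rFix the literal text to find; if {@code null} or empty, {@code rStr} is returned as is
 * @param rRep the replacement text; if {@code null}, {@code rStr} is returned as is
 * @return the text with all occurrences replaced
 */
public String StrReplace(String rStr, String rFix, String rRep) {
    if (rStr == null || rStr.isEmpty()) {
        return "";
    }
    if (rFix == null || rFix.isEmpty() || rRep == null) {
        return rStr;
    }
    return rStr.replace(rFix, rRep);
}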
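String strTest = "has a '"; // prepare string for the DB
// String is immutable: the replacement call returns a new string, so the result must be
// assigned back or the value stays unescaped. replace() does a literal replacement, which is
// all that is needed here; replaceAll() would treat its first argument as a regex.
strTest = strTest.replace("'", "''"); // strTest ==> has a ''
// Quote doubling is only a fallback. With JDBC, bind the value through a PreparedStatement
// "?" placeholder rather than concatenating it into the statement text.
// The keyword was misspelled "inser" in the original, which made the statement invalid.
String strSql = "insert into test values('" + strTest + "')";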
// In your case the character is ', which can be handled simply by escaping it as ''.

/**
 * Doubles every single quote in {@code arr} so it can be placed inside a quoted SQL literal.
 *
 * <p>Quote doubling does not account for dialect-specific escape characters (for example
 * backslash escapes) or for values used outside a quoted literal. Prefer a
 * {@code PreparedStatement} with bound parameters wherever the driver supports it.
 *
 * @param arr the raw value; may be {@code null}
 * @return the result of {@code StrReplace(arr, "'", "''")}, or {@code null} if {@code arr}
 *     is {@code null}
 */
public String addQuote(String arr)
{
    // A null input is passed straight back to the caller without touching StrReplace.
    if (arr == null) {
        return null;
    }
    return StrReplace(arr, "'", "''");
}
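/**
 * Replaces every literal occurrence of {@code rFix} in {@code rStr} with {@code rRep}.
 *
 * <p>The original loop skipped only one character past each match
 * ({@code substring(l + 1)}), so a multi-character {@code rFix} left part of the match in
 * the result. {@link String#replace(CharSequence, CharSequence)} removes the whole match and
 * cannot throw here, so the catch-all that hid failures is no longer needed.
 *
 * <p>When this is used to double quotes for SQL text, note that quote doubling does not
 * account for dialect-specific escape characters (for example backslash escapes). Bound
 * parameters on a {@code PreparedStatement} are the more reliable choice.
 *
 * @param rStr the text to search; {@code null} or empty yields {@code ""}
 * @param rFix the literal text to find; if {@code null} or empty, {@code rStr} is returned as is
 * @param rRep the replacement text; if {@code null}, {@code rStr} is returned as is
 * @return the text with all occurrences replaced
 */
public String StrReplace(String rStr, String rFix, String rRep)
{
    if (rStr == null || rStr.isEmpty()) {
        return "";
    }
    if (rFix == null || rFix.isEmpty() || rRep == null) {
        return rStr;
    }
    // Literal (non-regex) replacement, scanning left to right and resuming after each
    // inserted replacement, as the original loop did.
    return rStr.replace(rFix, rRep);
}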