[postgis-users] Inserting geometries using a JDBC PreparedStatement
Yeroc
cplists at gmail.com
Tue Jul 25 12:33:20 PDT 2006
Guido,
Yes I removed the single (') quotes. JDBC drivers are supposed to handle
all the quoting for you. This is a good thing in general since you don't
have to worry about the idiosyncracies of different databases. Using
PreparedStatements and a properly-written JDBC driver will also protect you
from SQL injection since the driver takes care escaping/quoting things
properly.
Corey
Guido Lemoine wrote:
>
> So, did you remove the single ' quotes? I had to revise the code that used
> an old JDBC driver (requiring the ' quote) to the new 8.x driver where the
> use of the quote causes an error. Obviously a JDBC driver problem then.
> On the "back-end" you still need the quote, i.e. when using psql. It's
> nice
> that the new driver takes care of the quotes, but not really consistent. I
> would expect the SQL statements in my Java code to be more or less the
> same as in psql.
>
--
View this message in context: http://www.nabble.com/Inserting-geometries-using-a-JDBC-PreparedStatement-tf1993730.html#a5491717
Sent from the PostGIS - User forum at Nabble.com.
More information about the postgis-users
mailing list