I’m having trouble with an SQL query. The problem is that I’m querying an external database of enterprise names and some names are like “Martha’s” (i.e. they include apostrophes). And because I’m querying from an android app, the query string looks like:
String query = "Select * from Advertiser where AdvName= '" + name + "';";
So is there any way I could ignore or change the apostrophes in the query?
Thanks in advance!
That’s one of the reasons why you should always use prepared statements when executing parameterized queries:
The JDBC driver will escape the quotes for you, and this will also prevent SQL injection attacks.
Prepared statements also have performance advantages when you must execute the same query several times but with different parameters.
Read more about prepared statements in the JDBC tutorial.
Side note: you shouldn’t have a ";" at the end of your query.
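To make the advice concrete, here is an added example (not the answerer's code) that puts the question's concatenated query next to a PreparedStatement that binds the name as a parameter, so a value like Martha's needs no escaping and cannot change the statement's structure. It also reuses one prepared statement for several names, which is the performance point above. The table and column names (Advertiser, AdvName) come from the question; the JDBC URL and credentials are placeholders, and the code assumes a JDBC driver for your database is on the classpath.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class AdvertiserLookup {

    // The query from the question, kept only for comparison. A name such as
    // "Martha's" closes the string literal early and breaks the statement,
    // and any input can alter what the SQL does. Do not use this form.
    static String concatenatedQuery(String name) {
        return "Select * from Advertiser where AdvName= '" + name + "';";
    }

    // Safe form: the SQL text is fixed, the value is bound to the '?' placeholder
    // by the driver, and there is no trailing ';' in the statement.
    static List<String> findAdvertisersByName(Connection conn, String name) throws SQLException {
        String sql = "SELECT * FROM Advertiser WHERE AdvName = ?";
        List<String> matches = new ArrayList<>();
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, name); // the driver handles the apostrophe in "Martha's"
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    matches.add(rs.getString("AdvName"));
                }
            }
        }
        return matches;
    }

    // One prepared statement, executed once per name: the database parses and
    // plans the statement a single time and only the bound value changes.
    static List<String> findAdvertisersByNames(Connection conn, List<String> names) throws SQLException {
        String sql = "SELECT * FROM Advertiser WHERE AdvName = ?";
        List<String> matches = new ArrayList<>();
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            for (String name : names) {
                ps.setString(1, name); // rebind, reuse the same compiled statement
                try (ResultSet rs = ps.executeQuery()) {
                    while (rs.next()) {
                        matches.add(rs.getString("AdvName"));
                    }
                }
            }
        }
        return matches;
    }

    public static void main(String[] args) throws SQLException {
        // Placeholder connection details (assumption): replace with the real
        // JDBC URL, user and password for the external database.
        String url = "jdbc:<driver>://<host>/<database>";
        try (Connection conn = DriverManager.getConnection(url, "<user>", "<password>")) {
            System.out.println(findAdvertisersByName(conn, "Martha's"));
            System.out.println(findAdvertisersByNames(conn, Arrays.asList("Martha's", "O'Brien & Sons")));
        }
    }
}
```

The second method is the shape to use when the same lookup runs in a loop: keep the PreparedStatement open, call setString again for each value, and execute. The apostrophes in the sample names never touch the SQL text, so nothing in the application has to escape them.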