| Bug #1047 | Can't insert String includes ' when encoding as GBK | ||
|---|---|---|---|
| Submitted: | 14 Aug 2003 0:44 | Modified: | 14 Aug 2003 5:48 |
| Reporter: | [ name withheld ] | Email Updates: | |
| Status: | Duplicate | Impact on me: | |
| Category: | Connector / J | Severity: | S2 (Serious) |
| Version: | 3.0.8 | OS: | Linux (Linux) |
| Assigned to: | Mark Matthews | CPU Architecture: | Any |
[14 Aug 2003 5:48]
Mark Matthews
This is a duplicate of #879 which has already been fixed. See the nightly snapshots page for a version of Connector/J with the fix at http://mmmysql.sourceforge.net/snapshots/stable/
Description: I set the JDBC's URL as jdbc:mysql://localhost/mydb?useUnicode=true&characterEncoding=GBK. When I want to setString of a PreparedStatement, and the String include character ', the executeUpdate will fail. I read the source code and find the problem is that: in StringUtils.java, if the encoding.equalsIgnoreCase("GBK")), it will call b = escapeSJISByteStream(b); This method escape \ but not escape ', so that the String abc\'def will be escaped as abc\\'def, so the errors occurs How to repeat: set the URL as jdbc:mysql://localhost/mydb?useUnicode=true&characterEncoding=GBK and set the String includes an ' in a PreparedStatement Suggested fix: Remove these lines at StringUtils.java if (encoding.equalsIgnoreCase("SJIS") || encoding.equalsIgnoreCase("BIG5") || encoding.equalsIgnoreCase("GBK")) { b = escapeSJISByteStream(b); } I don't know what's the usage of these lines, since the \ will be escaped when setString