I seem to be having issues. I have a query string that has values that can contain single quotes. This will break the query string. So I was trying to do a replace to change ' to \'.

Here is a sample code:

"This is' it".replace("'", "\'");

The output for this is still:

"This is' it".

It thinks I am just doing an escape character for the quote.

So I tried these two pieces of code:

"This is' it".replace("'", "\\'"); // \\ for the backslash, and a ' char

"This is' it".replace("'", "\\\'"); // \\ for the backslash, and \' for the ' char

Both of the above STILL results in the same output:

"This is' it"

I can only seem to get this to actually spit out a slash with:

"This is' it".replace("'", "\\\\'");

Which results in:

"This is\\' it"

Any suggestions? I just want to replace a ' with \'.

It doesn't seem like it should be that difficult.

解决方案

First of all, if you are trying to encode apostophes for querystrings, they need to be URLEncoded, not escaped with a leading backslash. For that use URLEncoder.encode(String, String) (BTW: the second argument should always be "UTF-8"). Secondly, if you want to replace all instances of apostophe with backslash apostrophe, you must escape the backslash in your string expression with a leading backslash. Like this:

"This is' it".replace("'", "\\'");

Edit:

I see now that you are probably trying to dynamically build a SQL statement. Do not do it this way. Your code will be susceptible to SQL injection attacks. Instead use a PreparedStatement.