John Topley’s Weblog

My development efforts were halted today by a frustrating but interesting few hours spent trying to track down and fix a bug in the UI for the Java framework we're developing. The contents of an HTML text field were being truncated when saved to the database if the text contained an apostrophe. The text after and including the apostrophe was discarded.

I thought I knew where the cause of the problem lay and homed straight in on that piece of code. I knew that apostrophes have to be escaped with another apostrophe when inserting text into an Oracle database. I was using a JDBC PreparedStatement object and according to everything I could find on the subject using Google Groups, this should automatically take care of such issues, but it wasn't happening. I even tried writing my own method to manually loop through the string and double up any apostrophes but the text was still truncated in the database table. It was only when I added logging statements to the start of the relevant methods that it became clear that the text was going into the database correctly and that the problem actually lay elsewhere.

It turned out to be because of the way we were passing state between our JSPs using HTML hidden fields:

<input type="hidden" value='<%=request.getAttribute("textProperty")%>'>

—What we should have been doing was using the Jakarta Struts hidden field tag:

<html:hidden property="textProperty" />

By the way, the only reason we were not using the Struts' tag in the first place was simply because when the JSPs were originally written during a RAD workshop, neither my colleague nor I could remember what the tag was called (pretty stupid, I know—it's obvious!) or find any reference to it in any of the books we had to hand. And we didn't have an Internet connection available.

Today I learnt that the Struts' tag libraries automagically take care of issues such as escaping characters for you, so it pays to use them where possible. JSP taglibs rock!