0

I've a webservice running and Android devices reading data from it. The data I want to send, is slashed by the server, to avoid hacking issues. Once its escapped, it's being saved into the database.

But when I'm reading this data again, it's being returned like this: "Baba O\'Riley" instead of "Baba O'Riley".

I think its pretty "correct" and that what I've to do, is to clean the string I get of backslashes with a function like Stripslashes in PHP.

http://es1.php.net/manual/es/function.stripslashes.php

However, I couldn't find any function to do this in Java.

Any idea?

Dharman
  • 30,962
  • 25
  • 85
  • 135
Reinherd
  • 5,476
  • 7
  • 51
  • 88
  • It sounds like the server is escaping the data one two many times - if it were escaped properly, the database would remove the backslashes as part of storing the data. My guess is the data is being sanitized by the frontend, then sent to the database using a method such as parameterized queries that handles its own escaping. – Brilliand Jan 27 '14 at 23:17

3 Answers3

5

You can use string.replace() function. See String replace a Backslash and How to replace backward slash to forward slash using java? 

String replacedStr = stringname.replace("\\", "");
Community
  • 1
  • 1
Shobhit Puri
  • 25,769
  • 11
  • 95
  • 124
  • Imagine a user decides to actually put a backslash on the String. Like "This is a backslash: \". This string would be saved like "This is a backslash: \\". So with the replace, it would be ending like: "This is a backslash: ". Am I wrong? – Reinherd Aug 18 '13 at 09:59
  • I think so. Curious to know does the similar function in Php doesn't do that? How does it recognize of user is specifying the back slash in the string? If I saw correctly from the examples, even the PhP function will do that. Isn't it ? – Shobhit Puri Aug 18 '13 at 10:02
  • 1
    The PHP function treats backslashes as escape characters, rather than simply stripping them. Basically, a lone backslash is stripped, but a double backslash becomes one backslash. – Brilliand Jan 27 '14 at 22:54
0

I'm having trouble finding a genuinely suitable Java function for this, but this is at least better than the currently accepted answer:

String replacedStr = stringname.replace("\\\\", "!~!").replace("\\", "").replace("!~!", "\\");

(Replace !~! with some sequence of characters that's sufficiently unlikely to appear in the string)

This method works by replacing double backslashes with a sufficiently uncommon marker for safekeeping, stripping all backslashes, then changing the uncommon marker back to a single backslash. It's slower than the state machine that PHP uses, since it makes three passes, but that's unlikely to make a noticeable difference.

Brilliand
  • 13,404
  • 6
  • 46
  • 58
-1
\n,\r, \t,\v,\f,\e....

When dealing with characters listed above the JAVA function

 String replacedStr = stringname.replace("\\", "");

are different from PHP function

Glorfindel
  • 21,988
  • 13
  • 81
  • 109
HC Luo
  • 1
  • 1