I am storing a SQL query in my strings.xml file and I want to use String.Format to build the final string in code. The SELECT statement uses a like, something like this:
SELECT Field1, Field2 FROM mytable WHERE Field1 LIKE '%something%'
In order to format that I replace 'something' with %1$s so it becomes:
SELECT Field1, Field2 FROM mytable WHERE Field1 LIKE \'%%1$s%\'
I escape the single quotes with the backslash. However I am not able to escape the % sign.
How can I include a like statement in my strings.xml file?
To complement the previous stated solution, use:
str = str.replace("%", "%%");
Here's an option if you need to escape multiple %'s in a string with some already escaped.
(?:[^%]|^)(?:(%%)+|)(%)(?:[^%])
To sanitise the message before passing it to String.format, you can use the following
Pattern p = Pattern.compile("(?:[^%]|^)(?:(%%)+|)(%)(?:[^%])");
Matcher m1 = p.matcher(log);
StringBuffer buf = new StringBuffer();
while (m1.find())
m1.appendReplacement(buf, log.substring(m1.start(), m1.start(2)) + "%%" + log.substring(m1.end(2), m1.end()));
// Return the sanitised message
String escapedString = m1.appendTail(buf).toString();
This works with any number of formatting characters, so it will replace % with %%, %%% with %%%%, %%%%% with %%%%%% etc.
It will leave any already escaped characters alone (e.g. %%, %%%% etc.)
This is a stronger regex replace that won't replace %% that are already doubled in the input.
str = str.replaceAll("(?:[^%]|\\A)%(?:[^%]|\\z)", "%%");
Source: Stackoverflow.com