unico 2005/06/15 03:12:50
Modified: src/stores/org/apache/slide/store/impl/rdbms/expression Tag:
SLIDE_2_1_RELEASE_BRANCH
RDBMSNotPropContainsExpression.java
RDBMSCompareExpression.java
RDBMSPropContainsExpression.java
Log:
escape single quotes in DASL literal strings
Revision Changes Path
No revision
No revision
1.2.2.3 +4 -4
jakarta-slide/src/stores/org/apache/slide/store/impl/rdbms/expression/RDBMSNotPropContainsExpression.java
Index: RDBMSNotPropContainsExpression.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/stores/org/apache/slide/store/impl/rdbms/expression/RDBMSNotPropContainsExpression.java,v
retrieving revision 1.2.2.2
retrieving revision 1.2.2.3
diff -u -r1.2.2.2 -r1.2.2.3
--- RDBMSNotPropContainsExpression.java 22 Nov 2004 13:41:32 -0000
1.2.2.2
+++ RDBMSNotPropContainsExpression.java 15 Jun 2005 10:12:50 -0000
1.2.2.3
@@ -50,7 +50,7 @@
}
sb.append(c);
}
- return sb.toString();
+ return escapeLiteral(sb.toString());
}
}
1.4.2.5 +21 -5
jakarta-slide/src/stores/org/apache/slide/store/impl/rdbms/expression/RDBMSCompareExpression.java
Index: RDBMSCompareExpression.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/stores/org/apache/slide/store/impl/rdbms/expression/RDBMSCompareExpression.java,v
retrieving revision 1.4.2.4
retrieving revision 1.4.2.5
diff -u -r1.4.2.4 -r1.4.2.5
--- RDBMSCompareExpression.java 23 Nov 2004 16:04:18 -0000 1.4.2.4
+++ RDBMSCompareExpression.java 15 Jun 2005 10:12:50 -0000 1.4.2.5
@@ -88,7 +88,7 @@
return "(p" + _tableIndex + ".PROPERTY_NAME = '" + getPropertyName()
+ "' AND " +
"p" + _tableIndex + ".PROPERTY_NAMESPACE = '" +
getPropertyNamespace() + "' AND " +
"p" + _tableIndex + ".PROPERTY_VALUE " +
COMPARE_OPERATORS.get(_element.getName())
- + " '" + literal.getTextNormalize() + "')";
+ + " '" + escapeLiteral(literal.getTextNormalize()) + "')";
}
protected String join() {
@@ -121,4 +121,20 @@
return getProperty().getNamespaceURI();
}
-}
\ No newline at end of file
+ /**
+ * Single quotes need to be escaped.
+ */
+ protected static String escapeLiteral(String literal) {
+ StringBuffer sb = new StringBuffer(literal.length() + 3);
+ for (int i = 0, l = literal.length(); i < l; i++) {
+ char c = literal.charAt(i);
+ if (c == '\'') {
+ sb.append("''");
+ }
+ else {
+ sb.append(c);
+ }
+ }
+ return sb.toString();
+ }
+}
1.2.2.3 +4 -4
jakarta-slide/src/stores/org/apache/slide/store/impl/rdbms/expression/RDBMSPropContainsExpression.java
Index: RDBMSPropContainsExpression.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/stores/org/apache/slide/store/impl/rdbms/expression/RDBMSPropContainsExpression.java,v
retrieving revision 1.2.2.2
retrieving revision 1.2.2.3
diff -u -r1.2.2.2 -r1.2.2.3
--- RDBMSPropContainsExpression.java 22 Nov 2004 13:41:32 -0000 1.2.2.2
+++ RDBMSPropContainsExpression.java 15 Jun 2005 10:12:50 -0000 1.2.2.3
@@ -52,7 +52,7 @@
}
sb.append(c);
}
- return sb.toString();
+ return escapeLiteral(sb.toString());
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
