[ https://issues.apache.org/jira/browse/SOLR-1831?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12847388#action_12847388 ]
Noble Paul commented on SOLR-1831: ---------------------------------- this is not a bug . use the escapeSql function .to escape special chars > DataImportHandler not escaping single quotes > -------------------------------------------- > > Key: SOLR-1831 > URL: https://issues.apache.org/jira/browse/SOLR-1831 > Project: Solr > Issue Type: Bug > Components: contrib - DataImportHandler > Affects Versions: 1.4, 1.5 > Environment: Windows XP Pro SP3 > java 1.6.0.18 > Solr 1.4 and Solr 1.5-dev using example-DIH and example start.jar > MySQL 5.1 > Reporter: Kevin > > SQL queries are not being properly escaped. Single quotes are being passed to > SQL driver. Despite line 78 of EvaluatorBag.java single quotes are being > retrieved in fields from the parent entity. When a field containing a single > quote is referenced via variable in a child entity's query string it does not > get escaped. > I have tested this in both 1.4 and 1.5-dev and receive the same result. Below > is the error that I received when this happened: > SEVERE: Exception while processing: person document : > solrInputDocument[{Person_hasAlias=Person_hasAlias(1.0)={Al'fiuwa}, > id=id(1.0)={http://x.yz/bk/aya/}, > Person_hasTempRi=Person_hasTempRi(1.0)={http://x.yz/bk/aya/ > Al'fiuwa}, > Person_hasEmailAddress=Person_hasEmailAddress(1.0)={...@bk.yz}}] > org.apache.solr.handler.dataimport.DataImportHandlerException: Unable to > execute query: SELECT * FROM Message WHERE hasAuthor='http://x.yz/bk/aya/ > > Al'fiuwa' Processing Document # 593 > at > org.apache.solr.handler.dataimport.DataImportHandlerException.wrapAndThrow(DataImportHandlerException.java:72) > at > org.apache.solr.handler.dataimport.JdbcDataSource$ResultSetIterator.<init>(JdbcDataSource.java:251) > at > org.apache.solr.handler.dataimport.JdbcDataSource.getData(JdbcDataSource.java:208) > at > org.apache.solr.handler.dataimport.JdbcDataSource.getData(JdbcDataSource.java:39) > at > org.apache.solr.handler.dataimport.SqlEntityProcessor.initQuery(SqlEntityProcessor.java:58) > at > org.apache.solr.handler.dataimport.SqlEntityProcessor.nextRow(SqlEntityProcessor.java:71) > at > org.apache.solr.handler.dataimport.EntityProcessorWrapper.nextRow(EntityProcessorWrapper.java:233) > at > org.apache.solr.handler.dataimport.DocBuilder.buildDocument(DocBuilder.java:580) > at > org.apache.solr.handler.dataimport.DocBuilder.buildDocument(DocBuilder.java:606) > at > org.apache.solr.handler.dataimport.DocBuilder.doFullDump(DocBuilder.java:261) > at > org.apache.solr.handler.dataimport.DocBuilder.execute(DocBuilder.java:185) > at > org.apache.solr.handler.dataimport.DataImporter.doFullImport(DataImporter.java:333) > at > org.apache.solr.handler.dataimport.DataImporter.runCmd(DataImporter.java:391) > at > org.apache.solr.handler.dataimport.DataImporter$1.run(DataImporter.java:372) > Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You > have an error in your SQL syntax; check the manual that corresponds to your > MySQL server version for the right syntax to use near 'fiuwa'' at line 1 > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native > Method) > at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown > Source) > at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown > Source) > at java.lang.reflect.Constructor.newInstance(Unknown Source) > at com.mysql.jdbc.Util.handleNewInstance(Util.java:406) > at com.mysql.jdbc.Util.getInstance(Util.java:381) > at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1030) > at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:956) > at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3515) > at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3447) > at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1951) > at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2101) > at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2548) > at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2477) > at com.mysql.jdbc.StatementImpl.execute(StatementImpl.java:741) > at com.mysql.jdbc.StatementImpl.execute(StatementImpl.java:587) > at > org.apache.solr.handler.dataimport.JdbcDataSource$ResultSetIterator.<init>(JdbcDataSource.java:244) > ... 12 more -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.