You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2010/05/12 12:52:43 UTC

[jira] Updated: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

     [ https://issues.apache.org/jira/browse/DERBY-4654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen updated DERBY-4654:
--------------------------------------

    Attachment: derby-4654.diff

Attaching a patch with a test case that tests whether the returned restriction can be put into the WHERE clause of a SELECT statement. The patch also makes Restriction use the helper method in IdUtil to quote the string, and that makes the test case pass.

Running regression tests now.

> Restriction.toSQL() doesn't escape special characters
> -----------------------------------------------------
>
>                 Key: DERBY-4654
>                 URL: https://issues.apache.org/jira/browse/DERBY-4654
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.6.1.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-4654.diff
>
>
> org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.
> Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.