You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@velocity.apache.org by mumu <sp...@gmail.com> on 2009/04/24 13:14:41 UTC

sql filter

Hello

When using sql filter, the ' are replace with '' .

But there is little problem, when using "&" in the field. Perhaps it's not a
bug.

Nevertheless, when you add a sqlMyField "-- youger & older people", the & is
considerer a prompt for a value.
We can says that's the problem come from sqlplus, but as it widely use,
perhaps il should be filtered too ?

eventhandler.referenceinsertion.class =
org.apache.velocity.app.event.implement.EscapeSqlReference
eventhandler.escape.sql.match = /sql.*/

André.

Re: sql filter

Posted by Claude Brisson <cl...@renegat.net>.

Hi André,

I'm not sure this does concern Velocity:
 - '&' has no special meaning in sql : it's a specificity of sqlplus
 - interpreting ampersands from inside comments looks like a sqlplus bug

You can always write your own specialization of the EscapeSqlReference
filter to work around this sqlplus bug, it shouldn't be that hard.


Regards,

  Claude Brisson

On ven, 2009-04-24 at 13:14 +0200, mumu wrote:
> Hello
> 
> When using sql filter, the ' are replace with '' .
> 
> But there is little problem, when using "&" in the field. Perhaps it's not a
> bug.
> 
> Nevertheless, when you add a sqlMyField "-- youger & older people", the & is
> considerer a prompt for a value.
> We can says that's the problem come from sqlplus, but as it widely use,
> perhaps il should be filtered too ?
> 
> eventhandler.referenceinsertion.class =
> org.apache.velocity.app.event.implement.EscapeSqlReference
> eventhandler.escape.sql.match = /sql.*/
> 
> André.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@velocity.apache.org
For additional commands, e-mail: dev-help@velocity.apache.org