From 28a7aaa4600f70d2517ffd098af7317e8ccdf6b2 Mon Sep 17 00:00:00 2001
From: Collin Alpert
Date: Fri, 30 Aug 2019 12:34:04 +0200
Subject: [PATCH] Included character escape in SQL strings
---
 README.MD | 2 +-
 pom.xml | 10 +++++-----
 .../com/github/collinalpert/lambda2sql/SqlVisitor.java | 7 ++++++-
 .../collinalpert/lambda2sql/test/Lambda2SqlTest.java | 4 ++++
 4 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/README.MD b/README.MD
index 4158587..7294484 100644
--- a/README.MD
+++ b/README.MD
@@ -64,7 +64,7 @@ You can include the Maven dependency: com.github.collinalpert lambda2sql - 2.1.3 + 2.1.4 ```
diff --git a/pom.xml b/pom.xml
index 431d683..3848bbc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@ com.github.collinalpert lambda2sql - 2.1.3 + 2.1.4 jar lambda2sql
@@ -66,7 +66,7 @@ org.junit.jupiter junit-jupiter-api - 5.3.2 + 5.5.1 test
@@ -77,7 +77,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.8.0 + 3.8.1 ${java-version} ${java-version}
@@ -99,7 +99,7 @@ org.apache.maven.plugins maven-source-plugin - 3.0.1 + 3.1.0 attach-sources
@@ -112,7 +112,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.0.1 + 3.1.1 -html5
diff --git a/src/main/java/com/github/collinalpert/lambda2sql/SqlVisitor.java b/src/main/java/com/github/collinalpert/lambda2sql/SqlVisitor.java
index 079b594..5473723 100755
--- a/src/main/java/com/github/collinalpert/lambda2sql/SqlVisitor.java
+++ b/src/main/java/com/github/collinalpert/lambda2sql/SqlVisitor.java
@@ -160,7 +160,7 @@ public StringBuilder visit(ConstantExpression e) {
 }
 
 if (e.getValue() instanceof String || e.getValue() instanceof Temporal) {
- return sb.append("'").append(e.getValue()).append("'");
+ return sb.append("'").append(escapeString(e.getValue().toString())).append("'");
 }
 
 return sb.append(e.getValue().toString());
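Review bot: The fall-through `return sb.append(e.getValue().toString());` at the end of this hunk still writes any constant that is neither a `String` nor a `Temporal` into the SQL text unquoted and unescaped, so the new escaping covers only those two types. That is fine for numbers and booleans, but a `Character`, an enum or any other captured object whose `toString()` contains a quote would reach the statement verbatim, unless a branch above the hunk already handles it. Consider allow-listing the raw path, e.g. `if (e.getValue() instanceof Number || e.getValue() instanceof Boolean) { return sb.append(e.getValue()); }`, and sending every other value through the quoted, escaped branch. The body of `visit(ConstantExpression)` starts and ends outside the hunk.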
@@ -318,4 +318,9 @@ private StringBuilder doStringOperation(Expression member, Expression argument,
 modifier.accept(valueBuilder);
 return member.accept(new SqlVisitor(this.tableName, this.withBackticks, this.arguments)).append(negated ? " NOT" : "").append(" LIKE ").append(valueBuilder);
 }
+
+ private String escapeString(String input) {
+ input = input.replace("\\", "\\\\").replace("'", "\\'");
+ return input;
+ }
 }
\ No newline at end of file
diff --git a/src/test/java/com/github/collinalpert/lambda2sql/test/Lambda2SqlTest.java b/src/test/java/com/github/collinalpert/lambda2sql/test/Lambda2SqlTest.java
index 0a24b45..cfdd79b 100644
--- a/src/test/java/com/github/collinalpert/lambda2sql/test/Lambda2SqlTest.java
+++ b/src/test/java/com/github/collinalpert/lambda2sql/test/Lambda2SqlTest.java
@@ -3,6 +3,7 @@
 import com.github.collinalpert.lambda2sql.Lambda2Sql;
 import com.github.collinalpert.lambda2sql.functions.SqlFunction;
 import com.github.collinalpert.lambda2sql.functions.SqlPredicate;
+import com.trigersoft.jaque.expression.LambdaExpression;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 
@@ -110,8 +111,11 @@ void testNotNull() {
 var age = 17;
 SqlPredicate p = person -> person.getAge() == age || person.getName() != isNull;
 SqlPredicate p2 = person -> person.getName() != null;
+ SqlPredicate p3 = person -> person.getName() != null;
+ p3 = p3.and(t -> t.getAge() == 18);
 assertPredicateEqual("`person`.`age` = 17 OR `person`.`name` IS NOT NULL", p);
 assertPredicateEqual("`person`.`name` IS NOT NULL", p2);
+ assertPredicateEqual("`person`.`name` IS NOT NULL AND `person`.`age` = 18", p3);
 }
 
 @Test
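Review bot: `escapeString` escapes a quote as `\'`, which is only safe where the server treats backslash as an escape character inside string literals, as MySQL does in its default SQL mode. Under `NO_BACKSLASH_ESCAPES`, or on an engine that follows standard SQL, `\'` closes the literal and the rest of the value is parsed as SQL. Doubling the quote is understood in both cases, so the quote step could be `.replace("'", "''")`, with the backslash doubling kept only for backslash-escaping dialects and a comment on the method naming the dialect it assumes. The generated text is still concatenated SQL, so the method's Javadoc should direct callers holding untrusted values to bound parameters. The `LIKE` path in `doStringOperation` appears only as context here, and it is not visible from the hunk whether its value builder passes through this escaping.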
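Review bot: The added `import com.trigersoft.jaque.expression.LambdaExpression;` appears to be unused: the diffstat lists four added lines for this file, and none of the other three references `LambdaExpression`. Drop the import, or add the test that needs it.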
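Review bot: The lines added to `testNotNull` exercise `and` composition, and nothing in this file's changes covers the new escaping in `SqlVisitor`. A commit that changes how string constants are quoted should pin that behaviour with a test whose captured value contains a single quote and another containing a backslash, each asserting the exact literal produced, for example a predicate comparing `person.getName()` to a constructed value such as `"O'Brien"`. Without that, a later change to `escapeString` can silently reopen the quoting problem. `testNotNull` starts outside the hunk.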