Fix ' when using JCR query based on MessageFormat.

author Mathieu Baudier <mbaudier@argeo.org>

Mon, 19 Jul 2021 08:24:33 +0000 (10:24 +0200)

committer Mathieu Baudier <mbaudier@argeo.org>

Mon, 19 Jul 2021 08:24:33 +0000 (10:24 +0200)
author Mathieu Baudier <mbaudier@argeo.org>
Mon, 19 Jul 2021 08:24:33 +0000 (10:24 +0200)
committer Mathieu Baudier <mbaudier@argeo.org>
Mon, 19 Jul 2021 08:24:33 +0000 (10:24 +0200)
diff --git a/org.argeo.jcr/src/org/argeo/jcr/Jcr.java b/org.argeo.jcr/src/org/argeo/jcr/Jcr.java

index 31077737e8e7e789335e263409b2279d190b1b27..72e325d35a40c40ad22a712ae7561fd33ae6ed87 100644 (file)
--- a/org.argeo.jcr/src/org/argeo/jcr/Jcr.java
+++ b/org.argeo.jcr/src/org/argeo/jcr/Jcr.java
@@ -902,6 +902,8 @@ public class Jcr {
         // QUERY
         /** Creates a JCR-SQL2 query using {@link MessageFormat}. */
         public static Query createQuery(QueryManager qm, String sql, Object... args) {
+               // fix single quotes
+               sql = sql.replaceAll("'", "''");
                 String query = MessageFormat.format(sql, args);
                 try {
                         return qm.createQuery(query, Query.JCR_SQL2);
author	Mathieu Baudier <mbaudier@argeo.org>
	Mon, 19 Jul 2021 08:24:33 +0000 (10:24 +0200)
committer	Mathieu Baudier <mbaudier@argeo.org>
	Mon, 19 Jul 2021 08:24:33 +0000 (10:24 +0200)