From: Mathieu Baudier <mbaudier@argeo.org>
Date: Mon, 19 Jul 2021 08:24:33 +0000 (+0200)
Subject: Fix ' when using JCR query based on MessageFormat.
X-Git-Tag: argeo-commons-2.1.103~11
X-Git-Url: https://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=98ff62f2df01366777fda9b4dbe7586b0cd45252

Fix ' when using JCR query based on MessageFormat.
---

diff --git a/org.argeo.jcr/src/org/argeo/jcr/Jcr.java b/org.argeo.jcr/src/org/argeo/jcr/Jcr.java
index 31077737e..72e325d35 100644
--- a/org.argeo.jcr/src/org/argeo/jcr/Jcr.java
+++ b/org.argeo.jcr/src/org/argeo/jcr/Jcr.java
@@ -902,6 +902,8 @@ public class Jcr {
 	// QUERY
 	/** Creates a JCR-SQL2 query using {@link MessageFormat}. */
 	public static Query createQuery(QueryManager qm, String sql, Object... args) {
+		// fix single quotes
+		sql = sql.replaceAll("'", "''");
 		String query = MessageFormat.format(sql, args);
 		try {
 			return qm.createQuery(query, Query.JCR_SQL2);