Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-14153

Provide a way to describe what part of a query parameter should be escaped

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 8.4.4
    • Fix Version/s: 9.3-rc-1, 8.4.5
    • Component/s: Query
    • Labels:
      None
    • Difficulty:
      Unknown
    • Similar issues:

      Description

      Example usage:

          #set($childCountXWQL = "WHERE doc.fullName LIKE :space AND doc.fullName <> :fullName")
          #set ($query = $services.query.xwql($childCountXWQL))
          #set ($query = $query.bindValue('space').literal($doc.space).literal('.').anyChars().query())
          #set ($query = $query.bindValue('fullName', $doc.fullName))
          #set($childCount = $query.addFilter('unique').addFilter('escapeLikeParameters').count())
      
      #set ($queryParams = [])
      #if ("$!request.space" != '')
        #set ($whereQueryPart = "${whereQueryPart} AND doc.space = ?")
        #set ($discard = $queryParams.add($services.query.parameter().literal($request.space)))
      #end
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                vmassol Vincent Massol
                Reporter:
                vmassol Vincent Massol
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: