Revision f81b22b6
Added by Patrick Plitzner over 7 years ago
src/main/java/eu/etaxonomy/cdm/vaadin/util/CdmQueryFactory.java | ||
---|---|---|
12 | 12 |
import java.sql.SQLException; |
13 | 13 |
import java.util.Iterator; |
14 | 14 |
import java.util.List; |
15 |
import java.util.regex.Matcher; |
|
16 |
import java.util.regex.Pattern; |
|
15 | 17 |
|
16 | 18 |
import org.apache.commons.lang.StringUtils; |
17 | 19 |
|
... | ... | |
94 | 96 |
for(String term : termList){ |
95 | 97 |
SELECT_QUERY += "MAX( IF(area.titleCache = '"+ term +"', statusTerm.titleCache, NULL) ) as '"+ term +"'," ; |
96 | 98 |
} |
97 |
SELECT_QUERY = StringUtils.stripEnd(SELECT_QUERY, ","); |
|
99 |
SELECT_QUERY = StringUtils.stripEnd(SELECT_QUERY, ",")+" ";
|
|
98 | 100 |
SELECT_QUERY= SELECT_QUERY + FROM_QUERY + GROUP_BY + ORDER_BY; |
99 | 101 |
String COUNT_QUERY = "SELECT count(DISTINCT tb.id)" + FROM_QUERY; |
100 | 102 |
String CONTAINS_QUERY = "SELECT * FROM TaxonBase tb WHERE tb.uuid = ?"; |
101 |
|
|
103 |
//Escape SQL control character ' |
|
104 |
Pattern p = Pattern.compile("(\\w+)'(\\w+)"); |
|
105 |
Matcher m = p.matcher(SELECT_QUERY); |
|
106 |
if (m.find()) { |
|
107 |
SELECT_QUERY = m.replaceAll("$1\\\\'$2"); |
|
108 |
} |
|
102 | 109 |
return generateQueryDelegate(SELECT_QUERY, COUNT_QUERY, CONTAINS_QUERY); |
103 | 110 |
} |
104 | 111 |
|
Also available in: Unified diff
ref #5458 Escape SQL control character '