Revision b457c481
Added by Andreas Müller almost 3 years ago
| cdmlib-persistence/src/main/java/eu/etaxonomy/cdm/database/update/v523_525/CollectorTitleUpdater.java | ||
|---|---|---|
| 82 | 82 |
} |
| 83 | 83 |
rs2.close(); |
| 84 | 84 |
String collectorTitleCache = TeamDefaultCacheStrategy.INSTANCE().getCollectorTitleCache(team); |
| 85 |
collectorTitleCache = escapeSingleQuote(collectorTitleCache); |
|
| 86 |
sql = " UPDATE @@AgentBase@@ SET collectorTitleCache = '" + collectorTitleCache + "' WHERE id = " + id; |
|
| 85 |
sql = " UPDATE @@AgentBase@@ SET collectorTitleCache = '" + escapeSingleQuote(collectorTitleCache) + "' WHERE id = " + id; |
|
| 87 | 86 |
datasource.executeUpdate(caseType.replaceTableNames(sql)); |
| 88 | 87 |
} |
| 89 | 88 |
}else if ("Person".equalsIgnoreCase(dtype)){
|
| ... | ... | |
| 111 | 110 |
person.setTitleCache(titleCache, protectedTitleCache); |
| 112 | 111 |
String collectorTitle = PersonDefaultCacheStrategy.INSTANCE().getCollectorTitleCache(person); |
| 113 | 112 |
|
| 114 |
String sql = "UPDATE @@AgentBase@@ SET collectorTitleCache = '"+collectorTitle+"', collectorTitle = '"+collectorTitle+"' WHERE id = " + id;
|
|
| 113 |
String sql = "UPDATE @@AgentBase@@ SET collectorTitleCache = '"+escapeSingleQuote(collectorTitle)+"', collectorTitle = '"+escapeSingleQuote(collectorTitle)+"' WHERE id = " + id;
|
|
| 115 | 114 |
datasource.executeUpdate(caseType.replaceTableNames(sql)); |
| 116 | 115 |
return person; |
| 117 | 116 |
} |
Also available in: Unified diff
ref #4311 fix single quote escape in collectorTitle updater (cont.)