groovy
  1. groovy
  2. GROOVY-4328

Sql.withBatch is not escaping SQL variables

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Won't Fix
    • Affects Version/s: 1.7.3
    • Fix Version/s: None
    • Component/s: SQL processing
    • Labels:
      None
    • Environment:
      Windows 7, Java 1.6.0_20
    • Number of attachments :
      0

      Description

      I wanted to replace a loop of sql.update calls like this:

      sql.execute("update Foo set Baz = $

      {baz}

      where Bar = $

      {bar}")

      With

      sql.withBatch(200, { stmt ->
      stmt.addBatch("update Foo set Baz = ${bar}

      where Bar = $

      {bar}

      ")
      })

      But looks like Sql.withBatch is not escaping variables like Sql.execute and Sql.update do
      and the script freaks out as soon as one of the bar variables contains a quote character.

        Activity

        Paul King made changes -
        Field Original Value New Value
        Resolution Won't Fix [ 2 ]
        Assignee Paul King [ paulk ]
        Status Open [ 1 ] Resolved [ 5 ]
        Paul King made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Paul King
            Reporter:
            Behrang Saeedzadeh
          • Votes:
            2 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: