Groovy
  1. Groovy
  2. GROOVY-4328

Sql.withBatch is not escaping SQL variables

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Won't Fix
    • Affects Version/s: 1.7.3
    • Fix Version/s: None
    • Component/s: SQL processing
    • Labels:
      None
    • Environment:
      Windows 7, Java 1.6.0_20

      Description

      I wanted to replace a loop of sql.update calls like this:

      sql.execute("update Foo set Baz = $

      {baz}

      where Bar = $

      {bar}")

      With

      sql.withBatch(200, { stmt ->
      stmt.addBatch("update Foo set Baz = ${bar}

      where Bar = $

      {bar}

      ")
      })

      But looks like Sql.withBatch is not escaping variables like Sql.execute and Sql.update do
      and the script freaks out as soon as one of the bar variables contains a quote character.

        Activity

        Behrang Saeedzadeh created issue -
        Paul King made changes -
        Field Original Value New Value
        Resolution Won't Fix [ 2 ]
        Status Open [ 1 ] Resolved [ 5 ]
        Assignee Paul King [ paulk ]
        Paul King made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Mark Thomas made changes -
        Project Import Sun Apr 05 13:32:57 UTC 2015 [ 1428240777691 ]
        Mark Thomas made changes -
        Workflow jira [ 12733269 ] Default workflow, editable Closed status [ 12745067 ]
        Mark Thomas made changes -
        Project Import Mon Apr 06 02:11:23 UTC 2015 [ 1428286283443 ]
        Mark Thomas made changes -
        Workflow jira [ 12970868 ] Default workflow, editable Closed status [ 12978638 ]

          People

          • Assignee:
            Paul King
            Reporter:
            Behrang Saeedzadeh
          • Votes:
            2 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development