EscapeSql (Geotools modules 27-SNAPSHOT API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Object
- EscapeSql

```
public class EscapeSql
extends Object
```
Perform basic SQL validation on input string. This is to allow safe encoding of parameters that must contain quotes, while still protecting users from SQL injection.
We prevent SQL from breaking out of quotes by replacing any quotes in input stream with double quotes. Backslashes are too risky to allow so are removed completely

- Constructor Summary
  
  Constructors
  Constructor and Description
  
  EscapeSql()
- Method Summary
  
  All Methods Static Methods Concrete Methods
  Modifier and Type Method and Description
  
  static String escapeSql(String str)
  - Methods inherited from class Object
    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- EscapeSql
```
public EscapeSql()
```

Method Detail

escapeSql

public static String escapeSql(String str)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 1996–2022 Geotools. All rights reserved.