Issue 131 in jwpl: PageQueryIterable doesn't escape special characters
1 view
Skip to first unread message
jw...@googlecode.com
Nov 9, 2014, 3:52:31 AM11/9/14
to jwpl...@googlegroups.com
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium
New issue 131 by lukasz...@gmail.com: PageQueryIterable doesn't escape
special characters
https://code.google.com/p/jwpl/issues/detail?id=131
What steps will reproduce the problem?
1. Create PageQuery object with title pattern containing quote character
(').
2. Invoke wikipedia.getPages(pageQuery).
What is the expected output? What do you see instead?
I'm getting hibernate exception saying nested transaction is not supported.
What version of the product are you using? On what operating system?
1.0
Please provide any additional information below.
In PageQueryIterable class, the SQL query shouldn't be created by
concatenating some strings. I have fixed this issue myself temporarily by
using query with named parameters and then binding them to proper values
from PageQuery object. I'm pasting the code change below:
...
String hql = "select p.pageId from Page as p where p.name like :name";
Query q = session.createQuery(hql);
q.setParameter("name", query.getTitlePattern());
pageIdList = q.list();
...
Note I need only title pattern field in the HQL query.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
Owner: ----
Labels: Type-Defect Priority-Medium
New issue 131 by lukasz...@gmail.com: PageQueryIterable doesn't escape
special characters
https://code.google.com/p/jwpl/issues/detail?id=131
What steps will reproduce the problem?
1. Create PageQuery object with title pattern containing quote character
(').
2. Invoke wikipedia.getPages(pageQuery).
What is the expected output? What do you see instead?
I'm getting hibernate exception saying nested transaction is not supported.
What version of the product are you using? On what operating system?
1.0
Please provide any additional information below.
In PageQueryIterable class, the SQL query shouldn't be created by
concatenating some strings. I have fixed this issue myself temporarily by
using query with named parameters and then binding them to proper values
from PageQuery object. I'm pasting the code change below:
...
String hql = "select p.pageId from Page as p where p.name like :name";
Query q = session.createQuery(hql);
q.setParameter("name", query.getTitlePattern());
pageIdList = q.list();
...
Note I need only title pattern field in the HQL query.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
jw...@googlecode.com
Nov 12, 2014, 11:46:39 AM11/12/14
to jwpl...@googlegroups.com
Updates:
Status: Accepted
Comment #1 on issue 131 by torsten....@gmail.com: PageQueryIterable doesn't
Thanks for reporting this.
There already is a TODO in the code for quite a while that says we need to
improve that.
PageQuery is not used very often, as it is not implemented efficiently
anyway, fixing this has low priority.
Any time going into this would probably better be invested in a proper
indexing.
I leave that issue open in order to document the short-coming.
Status: Accepted
Comment #1 on issue 131 by torsten....@gmail.com: PageQueryIterable doesn't
Thanks for reporting this.
There already is a TODO in the code for quite a while that says we need to
improve that.
PageQuery is not used very often, as it is not implemented efficiently
anyway, fixing this has low priority.
Any time going into this would probably better be invested in a proper
indexing.
I leave that issue open in order to document the short-coming.
Reply all
Reply to author
Forward
0 new messages