Hibernate Community • View topic - Problem escaping characters using Criteria object

View unanswered posts | View active topics

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

Problem escaping characters using Criteria object

Page 1 of 1

[ 2 posts ]

Previous topic | Next topic

Author

Message

hibernateuser1234

Post subject: Problem escaping characters using Criteria object

Posted: Fri Feb 24, 2006 6:39 am

Newbie

Joined: Fri Feb 24, 2006 6:21 am
Posts: 1

Hi,

I have the following piece of generic code that does searches for various
hibernate objects...

.....

Code:

Criteria crit = hsession.createCriteria(findObject.getClass());
         Example ex  =  Example.create(findObject) ;
         ex.enableLike();
         ex.ignoreCase();
         crit.add( ex );
         return crit.list();

The problem is if I pass an object that has fields with characters that
have special meaning e.g. the backslash, this is not handled correctly
by the SQL generation code and thus the search fails, i.e. the backslash is not escaped using '\\\\'.

Is there some method or is there a way to tell hibernate to 'escape' the
'\' (and all the other chars that have special meaning) so that the search works correctly for the populated field in the findObject?

Thanks in advance for any help here.

Top

tenwit

Post subject:

Posted: Sun Feb 26, 2006 7:13 pm

Expert

Joined: Thu Dec 23, 2004 9:08 pm
Posts: 2008

Nope. The correct time to ensure that your backslashes are escaped, etc., is when you're putting them into the query/example string. If you're going to write code to do it en masse, at the end, then don't forget to check for SQL injection traps.

Top

Page 1 of 1

[ 2 posts ]

Board index » Hibernate & Java Persistence » Hibernate Users

All times are UTC - 5 hours [ DST ]

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum