ruanwenjun commented on PR #15865:
URL:
https://github.com/apache/dolphinscheduler/pull/15865#issuecomment-2062985502
> > I am not clear about this problem. It seems we have changed the
placeholder to `?` so we can not distinguish `?` is from a placeholder or user
input.
> > If so, why need to change the placeholder to `?`.
>
> In the method
`org.apache.dolphinscheduler.plugin.task.sql.SqlTask#getSqlAndSqlParamsMap`,
all instances of `${}` are first replaced with `?`. As a result, if the SQL
already contains `?`, it becomes difficult to distinguish whether the `?` comes
from user input or is a placeholder. Then, in the method
`org.apache.dolphinscheduler.plugin.task.api.utils.ParameterUtils#expandListParameter`,
the SQL is split based on `?`. If the user input contains `?`, an additional
split will occur, leading to a NPE when executing `for (int i = 1; i <
split.length; i++) { Property property = params.get(i); }`. Therefore, I am
considering replacing the `?` in user input with another marker before the
`replaceAll(regex, "?")` call to avoid confusion. Finally, recover the `?` in
the user input.
It's better to fix this in `getSqlAndSqlParamsMap `, change `${}` to `?` is
not a good choice.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
