[ https://issues.apache.org/jira/browse/GROOVY-8804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16626216#comment-16626216 ]
John N Underwood commented on GROOVY-8804: ------------------------------------------ I certainly appreciate Groovy trying to prevent SQL injection. That said... In my sample code, the only difference between the two query strings is that one is declared with `def` (which becomes a `GString`) and the other is declared with `String`. The String version works one way, while the GString version works quite differently. I think this difference in behavior is unexpected and I found it difficult and time-consuming to debug. Is there any *good* way to make the String and GString versions work the same? > Sql.rows(gstring) fails while Sql.rows(string) works > ---------------------------------------------------- > > Key: GROOVY-8804 > URL: https://issues.apache.org/jira/browse/GROOVY-8804 > Project: Groovy > Issue Type: Bug > Components: SQL processing > Affects Versions: 2.4.15, 2.6.0-alpha-4, 3.0.0-alpha-3, 2.5.2 > Reporter: John N Underwood > Priority: Minor > > Calling `sql.rows(string)` works while calling `sql.rows(gstring)` returns an > empty result set. > This indicates a possible bug in the protected method > `groovy.sql.Sql.asSql()`. > I have created a sample program which demonstrates the behavior at > https://github.com/jnunderwood/groovy-sql-test -- This message was sent by Atlassian JIRA (v7.6.3#76005)