Let's pretend I have a JCR 2 query string that is made like this:

String sql2Query = "SELECT * FROM [cq:PageContent] " +
                   "WHERE [aProperty] <> \"" + aValue + "\"";

Are there any helper methods using which I can escape aValue?

By the way, I already know that in SQL2 we can use placeholders in queries
and let the framework take care of escaping of values for us, but if I were
to create this query dynamically like this, how can I escape aValue to
prevent SQL injection as well as construction of broken queries?

Thanks in advance.


Best regards,
Behrang
http://www.behrang.org
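
An added example, not part of the original message: one way to quote a value for the dynamically built query above, next to the placeholder form the message mentions. The class and method names (Sql2Literals, quote, buildQuery, runBound) are hypothetical, the JCR 2.0 API jar is assumed to be on the classpath, and the helper assumes a single-quoted JCR-SQL2 string literal in which an embedded quote is escaped by doubling it.

```java
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.query.Query;
import javax.jcr.query.QueryManager;
import javax.jcr.query.QueryResult;

public class Sql2Literals {

    /**
     * Quote a value as a JCR-SQL2 string literal (assumed rule): wrap it in
     * single quotes and double every embedded single quote so the value
     * cannot terminate the literal early.
     */
    static String quote(String value) {
        if (value == null) {
            throw new IllegalArgumentException("value must not be null");
        }
        return "'" + value.replace("'", "''") + "'";
    }

    /** Dynamic construction: the value only ever appears as a quoted literal. */
    static String buildQuery(String aValue) {
        return "SELECT * FROM [cq:PageContent] WHERE [aProperty] <> " + quote(aValue);
    }

    /** Placeholder form: the value never becomes part of the statement text. */
    static QueryResult runBound(Session session, String aValue) throws RepositoryException {
        QueryManager qm = session.getWorkspace().getQueryManager();
        Query q = qm.createQuery(
            "SELECT * FROM [cq:PageContent] WHERE [aProperty] <> $aValue",
            Query.JCR_SQL2);
        q.bindValue("aValue", session.getValueFactory().createValue(aValue));
        return q.execute();
    }

    public static void main(String[] args) {
        // Constructed sample inputs, including values that contain the delimiter.
        String[] samples = { "plain", "O'Reilly", "a' OR 'b' = 'b" };
        for (String s : samples) {
            // Each embedded quote is doubled, so it stays inside the literal.
            System.out.println(buildQuery(s));
        }
    }
}
```

The helper covers string values only; property and node type names placed inside [ ] are not values and need their own validation, for example against a fixed list.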
