SOLR-1767: dataimporter.functions.escapeSql() does not escape backslash character

git-svn-id: https://svn.apache.org/repos/asf/lucene/solr/trunk@908357 13f79535-47bb-0310-9956-ffa450edef68
2010-02-10 05:38:56 +00:00 · 2010-02-10 05:38:56 +00:00 · 249be10000
parent 90135ac5ad
commit 249be10000
3 changed files with 7 additions and 1 deletions
--- a/contrib/dataimporthandler/CHANGES.txt
+++ b/contrib/dataimporthandler/CHANGES.txt
@ -61,6 +61,8 @@ Bug Fixes

 * SOLR-1766: DIH with threads enabled doesn't respond to the abort command (Michael Henson via noble)

+* SOLR-1767: dataimporter.functions.escapeSql() does not escape backslash character (Sean Timm via noble) 
+
 Other Changes
 ----------------------

--- a/contrib/dataimporthandler/src/main/java/org/apache/solr/handler/dataimport/EvaluatorBag.java
+++ b/contrib/dataimporthandler/src/main/java/org/apache/solr/handler/dataimport/EvaluatorBag.java
@ -72,7 +72,10 @@ public class EvaluatorBag {
          throw new DataImportHandlerException(SEVERE, "'escapeSql' must have at least one parameter ");
        }
        String s = l.get(0).toString();
-        return s.replaceAll("'", "''").replaceAll("\"", "\"\"");
+        // escape single quote with two single quotes, double quote
+        // with two doule quotes, and backslash with double backslash.
+        // See:  http://dev.mysql.com/doc/refman/4.1/en/mysql-real-escape-string.html
+        return s.replaceAll("'", "''").replaceAll("\"", "\"\"").replaceAll("\\\\", "\\\\\\\\");
      }
    };
  }
--- a/contrib/dataimporthandler/src/test/java/org/apache/solr/handler/dataimport/TestEvaluatorBag.java
+++ b/contrib/dataimporthandler/src/test/java/org/apache/solr/handler/dataimport/TestEvaluatorBag.java
@ -49,6 +49,7 @@ public class TestEvaluatorBag {
    sqlTests = new HashMap<String, String>();

    sqlTests.put("foo\"", "foo\"\"");
+    sqlTests.put("foo\\", "foo\\\\");
    sqlTests.put("foo'", "foo''");
    sqlTests.put("foo''", "foo''''");
    sqlTests.put("'foo\"", "''foo\"\"");