Skip to content

Commit

Permalink
#535 escape string in multi row statements values via DatabaseUtils
Browse files Browse the repository at this point in the history
  • Loading branch information
Nicolas Schmid committed Apr 16, 2024
1 parent fa0c4a9 commit 39a068a
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion android/src/main/java/com/getcapacitor/community/database/sqlite/SQLite/Database.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@

import android.content.Context;
import android.content.SharedPreferences;
import android.database.DatabaseUtils;
import android.os.Build;
import android.util.Log;
import androidx.sqlite.db.SimpleSQLiteQuery;
Expand Down Expand Up @@ -503,7 +504,7 @@ public JSObject multipleRowsStatement(String statement, JSONArray valuesJson, St
String elementValue = "";

if (innerElement instanceof String) {
elementValue = "'" + innerElement + "'";
elementValue = DatabaseUtils.sqlEscapeString((String) innerElement);
} else {
elementValue = String.valueOf(innerElement);
}
Expand Down

0 comments on commit 39a068a

Please sign in to comment.