Skip to content

Commit

Permalink
Merge pull request #537 from lasher23/master
Browse files Browse the repository at this point in the history 
#535 escape string in multi row statements values via DatabaseUtils
  • Loading branch information
@jepiqueau
jepiqueau committed Apr 23, 2024
2 parents a632b9d + 39a068a commit dde1d2b
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion android/src/main/java/com/getcapacitor/community/database/sqlite/SQLite/Database.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@

import android.content.Context;
import android.content.SharedPreferences;
import android.database.DatabaseUtils;
import android.os.Build;
import android.util.Log;
import androidx.sqlite.db.SimpleSQLiteQuery;
Expand Down Expand Up @@ -503,7 +504,7 @@ public JSObject multipleRowsStatement(String statement, JSONArray valuesJson, St
String elementValue = "";

if (innerElement instanceof String) {
elementValue = "'" + innerElement + "'";
elementValue = DatabaseUtils.sqlEscapeString((String) innerElement);
} else {
elementValue = String.valueOf(innerElement);
}
Expand Down

0 comments on commit dde1d2b

Please sign in to comment.