Skip to content

mapper DB.runUpdate crashes if question marks in valid strings #1248

TimPigden opened this Issue Mar 30, 2012 · 1 comment

2 participants


the following will fail

DB.runUpdate("insert into myTable (name, comment) values ('Tim', 'Why?'), Nil)

because the code in mapper is incorrectly parsing for ? as a parameter in the entire sql statement not just in parameter positions.

See this post for discussion!topic/liftweb/2wxkFMK-niY

including trace and source code reference

Suggested short-term workaround:
create DB.runUpdate(sql: String) with no parameters

and return error instead of crashing and looking for items in empty param list

Lift Web Framework member
fbettag commented Jun 2, 2012

Hi, i found another workaround which might be better suited. Since the issue is DB.LoggedPreparedStatementHandler, i've come up with this solution. It uses the idea of Scala's String.format to use %% to get a percent sign. So i've given it support for ??.


This is probably not that good when you have user generated content, but .replaceAll("\?", "??) is manageable imho. (you gotta escape for injections anyhow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.