TexasDigitalLibrary / Vireo

Vireo is a turnkey Electronic Thesis and Dissertation (ETD) Management System.
https://texasdigitallibrary.atlassian.net/wiki/spaces/VUG/pages/87490642/About
GNU General Public License v2.0

single quotes not escaped for titles stored in field_value #1909

Open smutniak opened 7 months ago

smutniak commented 7 months ago

problem querying for single apostrophes such as "redacted's" in WHERE clause

WHERE (fv.field_predicate_id = 11 AND ( (LOWER(fv.value) LIKE '%redacted%'))) AND (fv.field_predicate_id = 29 AND ( (LOWER(fv.value) LIKE '%redacted redacted's redacted%') OR (LOWER(fv.value) LIKE '%redacted redacted%')))]; nested exception is org.postgresql.util.PSQLException: Unterminated string literal started at position 489 in SQL SELECT
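As an added illustration that is not Vireo's own code (Vireo is Java; this uses Python's sqlite3 against a constructed field_value table of the shape the query above implies), the interpolation pattern that produces the unterminated-literal error, next to the parameterized form that treats the quote as data and escapes LIKE wildcards:

```python
import sqlite3

# Constructed sample rows (not from the issue): field_predicate_id, value
SAMPLE_ROWS = [
    (11, "Redacted Title"),
    (29, "redacted redacted's redacted"),
    (29, "redacted redacted"),
    (29, "50% complete"),
]

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE field_value (field_predicate_id INTEGER, value TEXT)")
    conn.executemany("INSERT INTO field_value VALUES (?, ?)", SAMPLE_ROWS)
    return conn

def search_unsafe(conn, predicate_id, needle):
    """Failing pattern: the search term is spliced into the SQL text, so a
    single quote ends the string literal early and the statement no longer
    parses (the sqlite analogue of the PSQLException in the report)."""
    sql = ("SELECT value FROM field_value WHERE field_predicate_id = %d "
           "AND LOWER(value) LIKE '%%%s%%'" % (predicate_id, needle.lower()))
    return [row[0] for row in conn.execute(sql)]

def search_safe(conn, predicate_id, needle):
    """Hardened form: bind the term as a parameter (quotes are data, not
    syntax) and escape LIKE metacharacters so a literal % or _ in a title
    cannot widen the match."""
    escaped = (needle.lower().replace("\\", "\\\\")
               .replace("%", "\\%").replace("_", "\\_"))
    sql = ("SELECT value FROM field_value WHERE field_predicate_id = ? "
           "AND LOWER(value) LIKE ? ESCAPE '\\'")
    return [row[0] for row in conn.execute(sql, (predicate_id, "%" + escaped + "%"))]

def reproduce():
    """Run both variants on the term from the report; returns the error text
    raised by the unsafe form (or None) and the rows found by the safe form."""
    conn = make_db()
    try:
        search_unsafe(conn, 29, "redacted's")
        unsafe_error = None
    except sqlite3.OperationalError as exc:
        unsafe_error = str(exc)
    return unsafe_error, search_safe(conn, 29, "redacted's")

if __name__ == "__main__":
    print(reproduce())
```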