Closed iliyan-velichkov closed 6 months ago
use prepared statements to execute the merge queries - https://www.dirigible.io/api/database/update/#basic-usage
```ts
private static saveLogEvent(logData: LogData) {
    // The values are bound as parameters; they are never concatenated into the SQL text.
    const sql = `insert into LOG_EVENTS ("LOG_SEVERITY", "LOG_MESSAGE", "LOG_TIMESTAMP") values (?, ?, ?)`;
    const queryParameters = [logData.severity, logData.message, logData.date];
    update.execute(sql, queryParameters, null);
}
```
not needed anymore, the code was refactored https://github.com/codbex/codbex-electra/pull/94
All inbound synchronization data which comes from the OpenCart DB should be escaped properly. For example, if you have a column which contains the character `'`, it should be escaped with a double `'`. This is done here and used in here. Consider making a centralized solution which will escape all the special characters which may break the SQL statements.
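
A sketch of the centralized approach discussed in this thread, as an added example that is not code from the codbex-electra project: one helper builds every merge statement with `?` placeholders, so a value containing `'` never reaches the SQL text and needs no escaping. The names `buildMerge` and `quoteIdentifier`, the table and column names, and the sample row are hypothetical, and the H2-style `merge into ... key (...)` syntax is an assumption about the target database.

```typescript
type SqlValue = string | number | boolean | Date | null;

interface PreparedMerge {
    sql: string;            // statement text: identifiers and ? placeholders only
    parameters: SqlValue[]; // values, bound separately by the database driver
}

// Identifiers cannot be bound as parameters, so accept only a strict pattern.
const IDENTIFIER = /^[A-Za-z_][A-Za-z0-9_]*$/;

function quoteIdentifier(name: string): string {
    if (!IDENTIFIER.test(name)) {
        throw new Error("Unsafe SQL identifier: " + name);
    }
    return '"' + name + '"';
}

// Builds an H2-style MERGE (assumed dialect) for one row keyed by keyColumn.
function buildMerge(table: string, keyColumn: string, row: Record<string, SqlValue>): PreparedMerge {
    const columns = Object.keys(row);
    if (columns.indexOf(keyColumn) === -1) {
        throw new Error("Row is missing key column " + keyColumn);
    }
    const columnList = columns.map(quoteIdentifier).join(", ");
    const placeholders = columns.map(() => "?").join(", ");
    const sql = "merge into " + quoteIdentifier(table) + " (" + columnList + ") key (" +
        quoteIdentifier(keyColumn) + ") values (" + placeholders + ")";
    return { sql, parameters: columns.map((c) => row[c] as SqlValue) };
}

// Constructed sample row standing in for data read from the OpenCart DB.
const sampleRow: Record<string, SqlValue> = {
    PRODUCT_ID: 42,
    PRODUCT_NAME: "Men's jacket",
    PRODUCT_MANUFACTURER: "O'Neill",
};

const merge = buildMerge("PRODUCT", "PRODUCT_ID", sampleRow);
console.log(merge.sql);
console.log(merge.parameters);
```

The returned `sql` and `parameters` are in the shape that the `update.execute(sql, queryParameters, null)` call shown earlier in the thread takes.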