Dear community
For my DataSource I want to extend the $defaultWhereClause with Velocity Support feature (SmartGWT 2.4).
My custom whereClause looks like this:
And the output like this:
which clearly results in a SQL Exception.
I've seen in the documentation that this is a security feature against SQL injection attacks.
But in my case it is unwanted.
Is there a possibility to disable the escaping?
BTW: The same code within <customSQL> will work correctly (no escaping)
Thanks in advance
Marco
For my DataSource I want to extend the $defaultWhereClause with Velocity Support feature (SmartGWT 2.4).
My custom whereClause looks like this:
Code:
<whereClause>
#if($criteria.process == "doThis")
#set($process = "AND (CONVERT(myTimestamp, DATE) < $currentDate)")
#elseif($criteria.process == "doThat")
#set($process = "AND (CONVERT(myTimestamp, DATE) > $currentDate)")
#else
#set($process = "")
#end
$defaultWhereClause
$process
</whereClause>
Code:
myName = 'Marco' ' AND (CONVERT(myTimestamp, DATE) < ''2011-02-10 21:29:45.713'')'
I've seen in the documentation that this is a security feature against SQL injection attacks.
But in my case it is unwanted.
Is there a possibility to disable the escaping?
BTW: The same code within <customSQL> will work correctly (no escaping)
Thanks in advance
Marco
Comment