[jboss-cvs] jboss-seam/src/main/org/jboss/seam/framework ...
Norman Richards
norman.richards at jboss.com
Mon Oct 15 15:32:43 EDT 2007
User: nrichards
Date: 07/10/15 15:32:43
Modified: src/main/org/jboss/seam/framework Query.java
Log:
JBSEAM-2099
Revision Changes Path
1.37 +8 -2 jboss-seam/src/main/org/jboss/seam/framework/Query.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: Query.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/framework/Query.java,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -b -r1.36 -r1.37
--- Query.java 28 Sep 2007 13:54:36 -0000 1.36
+++ Query.java 15 Oct 2007 19:32:43 -0000 1.37
@@ -30,6 +30,9 @@
private static final Pattern ORDER_PATTERN = Pattern.compile("\\s(order)(\\s)+by\\s", Pattern.CASE_INSENSITIVE);
private static final Pattern WHERE_PATTERN = Pattern.compile("\\s(where)\\s", Pattern.CASE_INSENSITIVE);
+ private static final Pattern ORDER_CLAUSE_PATTERN = Pattern.compile("^[\\w\\.,\\s]*$");
+
+
private String ejbql;
private Integer firstResult;
private Integer maxResults;
@@ -360,6 +363,9 @@
public void setOrder(String order)
{
+ if (!ORDER_CLAUSE_PATTERN.matcher(order).find()) {
+ throw new IllegalArgumentException("invalid order clause");
+ }
this.order = order;
refresh();
}
More information about the jboss-cvs-commits
mailing list