Class SqlParameterEncoder
- java.lang.Object
-
- com.ibm.fhir.persistence.jdbc.util.SqlParameterEncoder
-
public class SqlParameterEncoder extends Object
Provides custom encoding and escaping functions for use by the JDBCQueryBuilder. Proper encoding/escaping reduces the likelihood of SQL penetration that may happen when called via the REST layer.
-
-
Field Summary
Fields Modifier and Type Field Description static String
DEFAULT_ESCAPE_CHARACTER
-
Constructor Summary
Constructors Constructor Description SqlParameterEncoder()
SqlParameterEncoder(String escapeCharacter, String blackListCharactersRegex)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static String
encode(String parameter)
static String
encode(String parameter, String defaultEscapeCharacter, String blackListCharactersRegex)
String
encodeParameter(String parameter)
String
getEscapeCharacter()
-
-
-
Field Detail
-
DEFAULT_ESCAPE_CHARACTER
public static final String DEFAULT_ESCAPE_CHARACTER
- See Also:
- Constant Field Values
-
-
Method Detail
-
getEscapeCharacter
public String getEscapeCharacter()
-
-