Tuesday, 31 July 2012

Handling single quote in apex class

By using String.escapeSingleQuotes() method we handle single quotes in a string to inject query  as shown below

Eg:
==
squery='select id,name,Project_Number__c,Description__c,Project_Manager__c,Project_Director__c,Project_Manager__r.name,Project_Director__r.name from Milestone1_Project__c where ((name like\''+String.escapeSingleQuotes(searchString)+'%\' OR Project_Number__c like\''+String.escapeSingleQuotes(searchString)+'%\'))';

No comments:

Post a Comment