本文整理了Java中org.apache.commons.lang.StringEscapeUtils.escapeSql()方法的一些代码示例，展示了StringEscapeUtils.escapeSql()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台，是从一些精选项目中提取出来的代码，具有较强的参考意义，能在一定程度帮忙到你。StringEscapeUtils.escapeSql()方法的具体详情如下：
包路径：org.apache.commons.lang.StringEscapeUtils
类名称：StringEscapeUtils
方法名：escapeSql

StringEscapeUtils.escapeSql介绍

[英]Escapes the characters in a String to be suitable to pass to an SQL query.

For example,

statement.executeQuery("SELECT * FROM MOVIES WHERE TITLE='" +  
StringEscapeUtils.escapeSql("McHale's Navy") +  
"'");

At present, this method only turns single-quotes into doubled single-quotes ("McHale's Navy" => "McHale''s Navy"). It does not handle the cases of percent (%) or underscore (_) for use in LIKE clauses.
see http://www.jguru.com/faq/view.jsp?EID=8881
[中]转义String中的字符以适合传递给SQL查询。
例如

statement.executeQuery("SELECT * FROM MOVIES WHERE TITLE='" +  
StringEscapeUtils.escapeSql("McHale's Navy") +  
"'");

目前，这种方法只能将单引号转换为双引号（"McHale's Navy"=>"McHale''s Navy"）。它不处理在LIKE子句中使用的百分数（%）或下划线（u）的情况。
看见http://www.jguru.com/faq/view.jsp?EID=8881

代码示例

代码示例来源：origin: pentaho/pentaho-kettle

/**
 * Escape SQL content. i.e. replace characters with &values;
 *
 * @param content
 *          content
 * @return escaped content
 */
public static String escapeSQL( String content ) {
 if ( Utils.isEmpty( content ) ) {
  return content;
 }
 return StringEscapeUtils.escapeSql( content );
}

代码示例来源：origin: forcedotcom/phoenix

private String getTenantIdWhereClause() {
  PName tenantId = connection.getTenantId();
  return "(" + TENANT_ID + " IS NULL " + 
      (tenantId == null
        ? ") "
        : " OR " + TENANT_ID + " = '" + StringEscapeUtils.escapeSql(tenantId.getString()) + "') ");
}

代码示例来源：origin: bedatadriven/activityinfo

public static String quote(String code) {
    if(code == null) {
      return "null";
    } else {
      return "\'" + StringEscapeUtils.escapeSql(code) + "\'";
    }
  }
}

代码示例来源：origin: de.smartics.properties/smartics-properties-transfer-templatestream

@Override
 public String escape(final String value)
 {
  return StringEscapeUtils.escapeSql(value);
 }
});

代码示例来源：origin: org.owasp.jbrofuzz/jbrofuzz

private static String encodeEscSql(final String encodeText) {
  return StringEscapeUtils.escapeSql(encodeText);
}

代码示例来源：origin: de.smartics.properties/smartics-properties-transfer-templatestream

@Override
 public String escape(final String value)
 {
  return StringEscapeUtils.escapeSql(value);
 }
});

代码示例来源：origin: org.apache.phoenix/phoenix-core

public static String escapeStringConstant(String pattern) {
  return StringEscapeUtils.escapeSql(pattern); // Need to escape double quotes
}

代码示例来源：origin: com.synaptix/stxToolkit

public String apply(String str){
    return StringEscapeUtils.escapeSql(str);
  }
}

代码示例来源：origin: SmartDataAnalytics/Sparqlify

@Override
public String escapeStringLiteral(String str) {
  return "'" + StringEscapeUtils.escapeSql(str) + "'";
}

代码示例来源：origin: com.bbossgroups/bboss-velocity

/**
 * Escapes the characters in a String to be suitable to pass to an SQL query.
 * 
 * @param text
 * @return An escaped string.
 * @see <a href="http://jakarta.apache.org/commons/lang/api/org/apache/commons/lang/StringEscapeUtils.html#escapeSql(java.lang.String)">StringEscapeUtils</a>
 */
protected String escape(Object text)
{
  return StringEscapeUtils.escapeSql(text.toString());
}

代码示例来源：origin: org.apache.servicemix.bundles/org.apache.servicemix.bundles.velocity

/**
 * Escapes the characters in a String to be suitable to pass to an SQL query.
 * 
 * @param text
 * @return An escaped string.
 * @see <a href="http://jakarta.apache.org/commons/lang/api/org/apache/commons/lang/StringEscapeUtils.html#escapeSql(java.lang.String)">StringEscapeUtils</a>
 */
protected String escape(Object text)
{
  return StringEscapeUtils.escapeSql(text.toString());
}

代码示例来源：origin: org.apache.velocity/com.springsource.org.apache.velocity

/**
 * Escapes the characters in a String to be suitable to pass to an SQL query.
 * 
 * @param text
 * @return An escaped string.
 * @see <a href="http://jakarta.apache.org/commons/lang/api/org/apache/commons/lang/StringEscapeUtils.html#escapeSql(java.lang.String)">StringEscapeUtils</a>
 */
protected String escape(Object text)
{
  return StringEscapeUtils.escapeSql(text.toString());
}

代码示例来源：origin: awslabs/aws-codebuild-jenkins-plugin

public static String sanitize(final String s) {
  if(s == null) {
    return "";
  } else {
    return escapeSql(escapeHtml(s.trim()));
  }
}

代码示例来源：origin: OpenClinica/OpenClinica

private String buildCriteria(String criteria, String property, Object value) {
  value = StringEscapeUtils.escapeSql(value.toString());
  if (value != null) {
    if (property.equals("studyId") || property.equals("ruleSetRunSchedule") ||  property.equals("actionType") || property.equals("actionExecuteOn") || property.equals("ruleSetRuleStatus")) {
      criteria = criteria + " " + columnMapping.get(property) + " = " + value.toString() + " ";
    }
    else {
      criteria += " UPPER(" + columnMapping.get(property) + ") like UPPER('%" + value.toString() + "%')" + " ";
    }
  }
  return criteria;
}

代码示例来源：origin: OpenClinica/OpenClinica

private String buildCriteriaForSelect(String criteria, String property, Object value) {
  value = StringEscapeUtils.escapeSql(value.toString());
  if (value != null) {
    if (property.equals("dn.discrepancy_note_type_id")) {
      int typeId = Integer.valueOf(value.toString());
      if (typeId > 0 && typeId < 10) {
        criteria += " and " + property + " = " + value.toString() + " ";
      }
    } else if (property.equals("dn.resolution_status_id")) {
      criteria += value.toString();
    }
  }
  return criteria;
}

代码示例来源：origin: OpenClinica/OpenClinica

private String buildCriteriaForSelect(String criteria, String property, Object value) {
  value = StringEscapeUtils.escapeSql(value.toString());
  if (value != null) {
    if (property.equals("dn.discrepancy_note_type_id")) {
      int typeId = Integer.valueOf(value.toString());
      if (typeId > 0 && typeId < 10) {
        criteria += " and " + property + " = " + value.toString() + " ";
      }
    } else if (property.equals("dn.resolution_status_id")) {
      criteria += value.toString();
    }
  }
  return criteria;
}

代码示例来源：origin: io.konig/konig-data-app-common

public String escapeUtils(String value) {
  return StringEscapeUtils.escapeHtml(StringEscapeUtils.escapeSql(StringEscapeUtils.escapeJavaScript(value)));
}

代码示例来源：origin: GeeQuery/ef-orm

/**
 * 将输入的HTML字符集转换为数据库字符集 HTML字符集：特殊字符已经被转义HTML文本 数据库字符集: 特殊字符'被转义成两个'的文本
 * 用于将页面输入转换为SQL语句
 */
public static String unescapeHtmlToSql(String s) {
  if (s == null)
    return null;
  return StringEscapeUtils.escapeSql(StringEscapeUtils.unescapeHtml(s));
}

代码示例来源：origin: entando/entando-core

@JsonIgnore
@SuppressWarnings("rawtypes")
public EntitySearchFilter getEntitySearchFilter() {
  EntitySearchFilter filter = new EntitySearchFilter(StringEscapeUtils.escapeSql(this.getEntityAttr()), true, StringEscapeUtils.escapeSql(this.getValue()), true, LikeOptionType.COMPLETE);
  return filter;
}

代码示例来源：origin: entando/entando-core

@JsonIgnore
@SuppressWarnings("rawtypes")
public FieldSearchFilter getFieldSearchFilter() {
  FieldSearchFilter filter = new FieldSearchFilter(StringEscapeUtils.escapeSql(this.getAttributeName()), StringEscapeUtils.escapeSql(this.getValue()), true, LikeOptionType.COMPLETE);
  return filter;
}