From d8b1777e1d03bafa9f830dcdb9526e5dd7131f72 Mon Sep 17 00:00:00 2001
From: Mirco Nasuti <mirco.nasuti@chuv.ch>
Date: Mon, 9 Oct 2017 17:22:00 +0200
Subject: [PATCH] quick and dirty fix for the filtering of vars values
 containing single quotes

---
 src/main/java/eu/hbp/mip/utils/DataUtil.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/main/java/eu/hbp/mip/utils/DataUtil.java b/src/main/java/eu/hbp/mip/utils/DataUtil.java
index 007f62cc3..e2fa3f5fc 100644
--- a/src/main/java/eu/hbp/mip/utils/DataUtil.java
+++ b/src/main/java/eu/hbp/mip/utils/DataUtil.java
@@ -34,6 +34,7 @@ public class DataUtil {
         }
 
         if (filters.length() > 0) {
+            filters = filters.replaceAll("\\\\'", "''");  // Quick and dirty workaround
             filters = String.format("AND %s", filters);
         }
 
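Review bot: The added `replaceAll` rewrites only the two-character sequence backslash-quote into `''`, so a quote in `filters` that is not preceded by a backslash still passes through `String.format("AND %s", filters)` unchanged and ends up in the statement text built further down. Escaping by substitution is hard to make complete; the safer shape is to keep filter values out of the SQL text and pass them as bind parameters. How `filters` is assembled lies above this hunk, so at minimum the comment should record the limit, e.g. `// Only \' is rewritten to ''; other quotes are not escaped - replace with bound parameters`.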
@@ -45,7 +46,9 @@ public class DataUtil {
             if (nbRows >= 1) {
                 List<Object> queryResult;
                 synchronized(this){
+                    // Dirty
                     jdbcTemplate.execute("SELECT SETSEED(0.42)");
+                    // Dirty
                     queryResult = jdbcTemplate.queryForList(
                             String.format("SELECT %s FROM %s WHERE %s IS NOT NULL %s ORDER BY Random() LIMIT %d",
                                     var, featuresMainTable, var, filters, MAX_NB_SAMPLES),
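Review bot: The two `// Dirty` comments in the `synchronized` block do not say what is wrong with the lines they mark, and the same bare comment is added in `countVariables()` and `countDatasetRows()`. Two separate concerns seem worth naming here. First, `var` and `filters` are formatted straight into the SELECT text. Second, `SETSEED` is issued as its own `jdbcTemplate` call, so the seed only affects the sampling query if both calls run on the same database session, which `synchronized(this)` alone does not ensure when connections come from a pool (the data source setup is not visible here). I would replace the markers with comments such as `// SETSEED must run on the same connection as the query below` and `// var and filters are interpolated into the SQL text; var must be a known column name`; the statement itself continues past the end of the hunk.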
@@ -89,6 +92,7 @@ public class DataUtil {
     @Cacheable("colscount")
     public long countVariables()
     {
+        // Dirty
         return jdbcTemplate.queryForObject(
                 "SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS " +
                         "WHERE table_name = '"+featuresMainTable+"'", Long.class);
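Review bot: In `countVariables()` the table name is used as a string value rather than an identifier, so it can be bound instead of concatenated between quotes. Assuming `jdbcTemplate` is Spring's `JdbcTemplate`, the last line becomes `"WHERE table_name = ?", Long.class, featuresMainTable);`, which addresses what the `// Dirty` marker presumably refers to. In `countDatasetRows()` the name is an identifier and cannot be bound, so there the marker is better replaced by a comment stating that `featuresMainTable` must come from trusted configuration only.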
@@ -97,6 +101,7 @@ public class DataUtil {
     @Cacheable("rowscount")
     public long countDatasetRows()
     {
+        // Dirty
         return jdbcTemplate.queryForObject(
                 "SELECT COUNT(*) FROM "+featuresMainTable, Long.class);
     }
-- 
GitLab