From e89331e05928352a48bef3d36fee88a380d293a7 Mon Sep 17 00:00:00 2001
From: Stefan Hardegger
Date: Thu, 31 Jul 2025 07:46:14 +0200
Subject: [PATCH] DB Backup Bugfix
---
 .../service/DatabaseManagementService.java | 77 +++++++++++--------
 1 file changed, 45 insertions(+), 32 deletions(-)
diff --git a/backend/src/main/java/com/storycove/service/DatabaseManagementService.java b/backend/src/main/java/com/storycove/service/DatabaseManagementService.java
index 1a2044d..c624f2c 100644
--- a/backend/src/main/java/com/storycove/service/DatabaseManagementService.java
+++ b/backend/src/main/java/com/storycove/service/DatabaseManagementService.java
@@ -83,38 +83,7 @@ public class DatabaseManagementService {
 if (i > 1) sqlDump.append(", ");
 Object value = rs.getObject(i);
- if (value == null) {
- sqlDump.append("NULL");
- } else if (value instanceof Boolean) {
- sqlDump.append(((Boolean) value) ? "true" : "false");
- } else if (value instanceof Number) {
- // Handle numeric types (Integer, Long, Double, etc.)
- sqlDump.append(value.toString());
- } else {
- // Handle all other types as strings (String, UUID, Timestamp, CLOB, TEXT, etc.)
- String stringValue;
-
- // Special handling for CLOB types
- if (value instanceof Clob) {
- Clob clob = (Clob) value;
- try {
- stringValue = clob.getSubString(1, (int) clob.length());
- } catch (SQLException e) {
- stringValue = value.toString();
- }
- } else {
- stringValue = value.toString();
- }
-
- // Debug: log if we're dealing with a large content field
- if (stringValue.length() > 1000) {
- System.out.println("Processing large field (length: " + stringValue.length() + ") with quotes: " + stringValue.contains("'") + " type: " + value.getClass().getSimpleName());
- }
-
- // Escape single quotes by replacing ' with ''
- String escapedValue = stringValue.replace("'", "''");
- sqlDump.append("'").append(escapedValue).append("'");
- }
+ sqlDump.append(formatSqlValue(value));
 }
 sqlDump.append(");\n");
@@ -213,4 +182,48 @@ public class DatabaseManagementService {
 return totalDeleted;
 }
+
+ /**
+ * Formats a database value for SQL insertion, handling proper escaping
+ */
+ private String formatSqlValue(Object value) {
+ if (value == null) {
+ return "NULL";
+ }
+
+ if (value instanceof Boolean) {
+ return ((Boolean) value) ? "true" : "false";
+ }
+
+ if (value instanceof Number) {
+ return value.toString();
+ }
+
+ // Handle all other types as strings (String, UUID, Timestamp, CLOB, TEXT, etc.)
+ String stringValue;
+
+ // Special handling for CLOB types
+ if (value instanceof Clob) {
+ Clob clob = (Clob) value;
+ try {
+ stringValue = clob.getSubString(1, (int) clob.length());
+ } catch (SQLException e) {
+ stringValue = value.toString();
+ }
+ } else {
+ stringValue = value.toString();
+ }
+
+ // Debug output for large fields
+ if (stringValue.length() > 1000) {
+ System.err.println("DEBUG: Processing large field (length: " + stringValue.length() +
+ ") with quotes: " + stringValue.contains("'") +
+ " type: " + value.getClass().getSimpleName());
+ }
+
+ // Escape single quotes by replacing ' with '' and wrap in quotes
+ // This is the critical line - make absolutely sure single quotes are escaped
+ String escapedValue = stringValue.replace("'", "''");
+ return "'" + escapedValue + "'";
+ }
 }
\ No newline at end of file
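Review bot: In `formatSqlValue`, the `catch (SQLException e)` branch falls back to `stringValue = value.toString()`, which for a `Clob` is typically the driver object's description rather than its text, so a failed read is written into the dump as if it were the column content and the backup is silently wrong. The call site in the earlier hunk sits right after `rs.getObject(i)`, so the caller presumably already deals with `SQLException`; declaring `private String formatSqlValue(Object value) throws SQLException` and dropping the try/catch would make the export fail loudly instead. The same `toString()` path also handles every non-text type (a `byte[]` column would be dumped as its array identity string), which is worth an explicit branch or a rejection. Doubling `'` is a complete escape only where backslash is not an escape character in string literals, so the Javadoc should state which database and settings the dump is meant to be restored on, in place of the current "critical line" comment. The `System.err.println` debug output belongs behind a logger at debug level or should be removed.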