com.google.maps.clients.mapsengine

Class Security

java.lang.Object

com.google.maps.clients.mapsengine.Security

public class Security
extends java.lang.Object

Provides some security tools for manipulating data in Maps Engine.

Method Summary

Methods

Modifier and Type	Method and Description
static java.lang.String	escapeAndQuoteString(java.lang.String in) Escapes any internal quotes and ensures the parameter is correctly (single) quoted.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

escapeAndQuoteString

public static java.lang.String escapeAndQuoteString(java.lang.String in)

Escapes any internal quotes and ensures the parameter is correctly (single) quoted. This is intended for use in string components of ‘where’ clauses, where user input is untrusted and potentially harmful. This is not meant for use in quoting column names or aliases in ‘select’ clauses, where quoting is different. FeaturesListResponse response = engine.tables().features().list(TABLE_ID) .setWhere(String.format("mycolumn = %s", Security.escapeAndQuoteString(userInput)));

Parameters:

in - A string to escape

Returns:

If null input, then null output. Otherwise a quoted, escaped version of the input.