Expand my Community achievements bar.

Escaping string in XML queryDef

Avatar

Community Advisor

I am working on a webapp and while trying to query the submitted name O'Reilly I get the following error message.

 

Element 'Reilly' unknown (see definition of schema 'Recipients (nms:recipient)'). XTK-170036 Unable to parse expression '[@firstName] = 'O'Reilly''. SOP-330011 Error while executing the method 'ExecuteQuery' of service 'xtk:queryDef'.

 

So I turned to documentation for escaping strings using

 

NL.XTK.toXTKString

https://docs.adobe.com/content/help/en/campaign-classic/technicalresources/api/p-8.html

 

 

 

NL.require('/nl/core/shared/xml.js');
NL.require('/nl/core/sql.js');
NL.require('/nl/core/shared/xtk.js');
NL.require('/nl/core/shared/js.js');

var firstName =  NL.XTK.toXTKString(ctx.recipient.@firstName);
var lastName =  NL.XTK.toXTKString(ctx.recipient.@lastName);
var email =  NL.XTK.toXTKString(ctx.recipient.@email);

var query = NLWS.xtkQueryDef.create({queryDef: {
  schema: "nms:recipient", operation: "getIfExists", // "get" does a SQL "LIMIT 1"
  select: { node: [{expr: "@id"}] }, // get  only
  where: { 
    condition: [
      {expr: "@email = '"+email+"'"}, // filter by email
      {expr: "@firstName = '"+firstName+"'"}, // and first name
      {expr: "@lastName = '"+lastName+"'"} // and last name
    ],
    orderBy: { node: [{expr:"@lastModified", sortDesc:"true"}] }, // ORDER BY lastModified DESC
  }
}});
var recipient = query.ExecuteQuery(); 

 

 

 

 

and I get the following error

 
Error: Cannot format to XTK string : invalid type 'undefined' or value 'David'S'
{anonymous}([object XML])@/nl/core/shared/xtk.js:375
{anonymous}("script")@_webApp_APP227__preview:280
{anonymous}("htmlPage2","")@/nl/core/formbase.js:378
_webApp_APP227__preview([object HttpServletRequest],[object HttpServletResponse])@_webApp_APP227__preview:887
<ctx lang="en" score="0" date="2021-08-09T20:11:41Z" _target="web" webApp-id="21658427" origin="neolane" _folderModel="nmsRecipient" activityHist="@c8veCskzvdsEGJfd3C+21B67VZlfCUJcwtGdklVYk5ZfMb8+mZDeCk3Iza7MQjHR8cuA4HJIS0x1+aq2+yPfqxKx4XrMdHscCvacbVN+YPzk5Eb2W+cT8I3/RZe2v5Mh2hKC+GcsU7wV7lhcMwVPsNgoPJh4rwPL/n3zo0z1wKo=">
  <userInfo datakitInDatabase="true" homeDir="" instanceLocale="en-GB" locale="en-GB" login="webapp" loginCS="Web applications agent (webapp)" loginId="3465" noConsoleCnx="true" orgUnitId="0" theme="" timezone="Europe/London" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="urn:xtk:session" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <login-right right="webapp"/>
    <login-right right="admin"/>
  </userInfo>
  <timezone current="Europe/London" changed="false"/>
  <activityHistory>
    <activity name="htmlPage2" type="htmlPage"/>
    <activity name="start" type="start"/>
  </activityHistory>
  <recipient firstName="David'S" lastName="Garcia-a" phone="20392039209" email="davidgarcia@test.com"/>
  <vars>
    <investment>100000</investment>
  </vars>
</ctx>

 

Doesnt work and so I turned to the following quick fix to escape* the single quote, however, I very much prefer to know why the above is not working, or if anyone else have a cleaner way of escaping strings using  acc libraries or js functions

 

 

 

        <where>
          <condition boolOperator="AND" expr={"[@lastName] = '" + ctx.recipient.@lastName.toString().replace(/'/g, "\\'") +"'"} />
          <condition boolOperator="AND" expr={"[@email] = '" + ctx.recipient.@email.toString() +"'"} />
          <condition boolOperator="AND" expr={"[@firstName] = '" + ctx.recipient.@firstName.toString().replace(/'/g, "\\'") +"'"} />
        </where>    

 

 

x

 

 

2 Replies

Avatar

Employee Advisor

Hello David,

Please try below:

// Load library
NL.require('/nl/core/shared/js.js');

// sanitize ctx.recipient.@firstName
var firstName = NL.JS.escape(ctx.recipient.@firstName);

Hope this helps!

Avatar

Administrator

Hi @david--garcia,

 

Was the given solution helpful to resolve your query or do you still need more help here? Do let us know.

 

Thanks!



Sukrity Wadhwa