Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

Escaping string in XML queryDef

David__Garcia
Level 8
Level 8

I am working on a webapp and while trying to query the submitted name O'Reilly I get the following error message.

 

Element 'Reilly' unknown (see definition of schema 'Recipients (nms:recipient)'). XTK-170036 Unable to parse expression '[@firstName] = 'O'Reilly''. SOP-330011 Error while executing the method 'ExecuteQuery' of service 'xtk:queryDef'.

 

So I turned to documentation for escaping strings using

 

NL.XTK.toXTKString

https://docs.adobe.com/content/help/en/campaign-classic/technicalresources/api/p-8.html

 

 

 

NL.require('/nl/core/shared/xml.js');
NL.require('/nl/core/sql.js');
NL.require('/nl/core/shared/xtk.js');
NL.require('/nl/core/shared/js.js');

var firstName =  NL.XTK.toXTKString(ctx.recipient.@firstName);
var lastName =  NL.XTK.toXTKString(ctx.recipient.@lastName);
var email =  NL.XTK.toXTKString(ctx.recipient.@email);

var query = NLWS.xtkQueryDef.create({queryDef: {
  schema: "nms:recipient", operation: "getIfExists", // "get" does a SQL "LIMIT 1"
  select: { node: [{expr: "@id"}] }, // get  only
  where: { 
    condition: [
      {expr: "@email = '"+email+"'"}, // filter by email
      {expr: "@firstName = '"+firstName+"'"}, // and first name
      {expr: "@lastName = '"+lastName+"'"} // and last name
    ],
    orderBy: { node: [{expr:"@lastModified", sortDesc:"true"}] }, // ORDER BY lastModified DESC
  }
}});
var recipient = query.ExecuteQuery(); 

 

 

 

 

and I get the following error

 
Error: Cannot format to XTK string : invalid type 'undefined' or value 'David'S'
{anonymous}([object XML])@/nl/core/shared/xtk.js:375
{anonymous}("script")@_webApp_APP227__preview:280
{anonymous}("htmlPage2","")@/nl/core/formbase.js:378
_webApp_APP227__preview([object HttpServletRequest],[object HttpServletResponse])@_webApp_APP227__preview:887
<ctx lang="en" score="0" date="2021-08-09T20:11:41Z" _target="web" webApp-id="21658427" origin="neolane" _folderModel="nmsRecipient" activityHist="@c8veCskzvdsEGJfd3C+21B67VZlfCUJcwtGdklVYk5ZfMb8+mZDeCk3Iza7MQjHR8cuA4HJIS0x1+aq2+yPfqxKx4XrMdHscCvacbVN+YPzk5Eb2W+cT8I3/RZe2v5Mh2hKC+GcsU7wV7lhcMwVPsNgoPJh4rwPL/n3zo0z1wKo=">
  <userInfo datakitInDatabase="true" homeDir="" instanceLocale="en-GB" locale="en-GB" login="webapp" loginCS="Web applications agent (webapp)" loginId="3465" noConsoleCnx="true" orgUnitId="0" theme="" timezone="Europe/London" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="urn:xtk:session" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <login-right right="webapp"/>
    <login-right right="admin"/>
  </userInfo>
  <timezone current="Europe/London" changed="false"/>
  <activityHistory>
    <activity name="htmlPage2" type="htmlPage"/>
    <activity name="start" type="start"/>
  </activityHistory>
  <recipient firstName="David'S" lastName="Garcia-a" phone="20392039209" email="davidgarcia@test.com"/>
  <vars>
    <investment>100000</investment>
  </vars>
</ctx>

 

Doesnt work and so I turned to the following quick fix to escape* the single quote, however, I very much prefer to know why the above is not working, or if anyone else have a cleaner way of escaping strings using  acc libraries or js functions

 

 

 

        <where>
          <condition boolOperator="AND" expr={"[@lastName] = '" + ctx.recipient.@lastName.toString().replace(/'/g, "\\'") +"'"} />
          <condition boolOperator="AND" expr={"[@email] = '" + ctx.recipient.@email.toString() +"'"} />
          <condition boolOperator="AND" expr={"[@firstName] = '" + ctx.recipient.@firstName.toString().replace(/'/g, "\\'") +"'"} />
        </where>    

 

 

x

 

 

2 Replies
kishorep
Employee
Employee

Hello David,

Please try below:

// Load library
NL.require('/nl/core/shared/js.js');

// sanitize ctx.recipient.@firstName
var firstName = NL.JS.escape(ctx.recipient.@firstName);

Hope this helps!

Sukrity_Wadhwa
Employee
Employee

Hi @David__Garcia,

 

Was the given solution helpful to resolve your query or do you still need more help here? Do let us know.

 

Thanks!