EncodeSql should only be used

Hi there,

I use this fragment in sort property of Refresh Data:

SyntaxEditor Code Snippet

EncodeSql(List_SortColumn_GetOrderBy(XXXXTable.Id, DefaultOrder: "LOSDATE"))

and the warning comes up:

EncodeSQL should only be used to escape string literals. Check the ....

Then, I tried to fix it, by concatenate with zero string, and the warning is gone:


SyntaxEditor Code Snippet

EncodeSql("" + List_SortColumn_GetOrderBy(XXXX.Id, DefaultOrder: "LOSDATE"))

 My question, is this fixing is on the right track?

Regards

IHi,

I don't think you need EncodeSQL in List SortColumn.

Regards,

Daniel

Hi Sir,

If i remove it, there is another warning:

Ensure the expand line argument is protected by using EncodeSql() or verifysqlLiteral()...

regards

Solution

Then you need it like this

EncodeSql(List_SortColumn_GetOrderBy(XXXXTable.Id, DefaultOrder: EncodeSql("LOSDATE")))
Solution

Thank you very much Sir,

You are so helpful genius!

regards