Annotation Interface SqlOddQuotes


Denotes a String that contains an odd number of unescaped single quotes – i.e., there must be an odd number of ‘ characters in a SqlOddQuotes String that are not preceded immediately by another ' character. (Thus, all SqlOddQuotes Strings ultimately contain an odd number of single quotes, escaped or otherwise.) SqlOddQuotes Strings are not syntactical to be passed to query execution methods.

Common use cases include: SQL query fragments to be concatenated with user input, such as “SELECT * FROM table WHERE field = ‘”; SQL query fragments containing user input but missing an ending single quote, such as “SELECT * FROM table WHERE field = ‘value”; connecting punctuation, such as “’, “; and any combinations of the above with paired-off single quotes, such as “SELECT * FROM table WHERE field1 = ‘value1’, field2 = ‘value2’, field3 = ‘”.

See the Checker Framework Manual:
SQL Quotes Checker