• ssv
  • Member since 2018

I am using String.escapeSingleQuotes but that didn't work. Please help.
  • August 19, 2023
Some users are getting automatically removed from their assigned public group.

No flow/process builder is there on the user object.
  • June 05, 2023
Hi,

I am getting an error as below. Any help is appreciated.

"abc.cls gets user input from element recordid. This input is later concatenated by the application directly into a string variable containing SQL commands, without being validated. This string is then used in method XXX to query the database select, at line 137 of forceapp/main/default/classes/abc.cls, without any additional filtering by the database. This could allow the user to tamper with the filter parameter."

112. public static string abc(String recordId) {

137. public static XXX(String recordId)
    {
153. Account act= [SELECT Id, Name, Member_Number__c, Phone FROM Account where Id = :recordId LIMIT 1];

What kind of validation do I need to do for the field recordId prior to that database query? Could anyone please help?

Regards
Amar
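
An added example, not part of the original post or the poster's code: one way to validate recordId before the query shown at line 153 is to convert the string to a typed Id, confirm it is an Account Id, and only then bind it. The class name AccountLookup, the methods toAccountId and getAccount, and InvalidRecordIdException are hypothetical names chosen for this example.

```apex
// Added example. AccountLookup, toAccountId, getAccount and
// InvalidRecordIdException are hypothetical names, not from the post.
public with sharing class AccountLookup {

    public class InvalidRecordIdException extends Exception {}

    // Turn untrusted text into a typed Account Id, or throw.
    public static Id toAccountId(String recordId) {
        if (String.isBlank(recordId)) {
            throw new InvalidRecordIdException('recordId is required');
        }

        Id parsed;
        try {
            // Id.valueOf rejects anything that is not a well-formed
            // 15- or 18-character Salesforce Id.
            parsed = Id.valueOf(recordId.trim());
        } catch (System.StringException e) {
            throw new InvalidRecordIdException('recordId is not a valid Id');
        }

        // A well-formed Id can still belong to another object
        // (Contact, Case, ...). Accept Account Ids only.
        if (parsed.getSObjectType() != Account.SObjectType) {
            throw new InvalidRecordIdException('recordId is not an Account Id');
        }
        return parsed;
    }

    public static Account getAccount(String recordId) {
        Id accountId = toAccountId(recordId);

        // Static SOQL with a bind variable: the value is passed as data
        // and is never concatenated into the query text.
        List<Account> rows = [
            SELECT Id, Name, Member_Number__c, Phone
            FROM Account
            WHERE Id = :accountId
            LIMIT 1
        ];
        // Querying into a list avoids a QueryException when no row matches.
        return rows.isEmpty() ? null : rows[0];
    }
}
```

The query keeps the bind variable form used in the original code; the added step is that the value reaching it can only be a well-formed Account Id.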