var query = "\
SELECT\
id\
FROM\
teaching_allotments\
WHERE\
course_code = '" + utils.stringReplace(code, "'", "''") + "'";
As a Query Builder statement, there is (seems to be) no need for masking, like the following code is sufficient. I assume it's escaping the characters described in https://wiki.servoy.com/display/DOCS/Escape+sequences
A confirmation of my assumption would be very helpful. Thanks.
var query = datasources.db.hades.teaching_allotments.createSelect();
var ta = query.columns;
query.result
.addPk();
query.where
.add(ta.course_code.eq(code));
Regards,