What is the best way to escape SQL in Saxon? Is it possible to do something like this?
<xsl:variable name="sql-value" select="$field-value => org.apache.commons.lang.StringEscapeUtils.escapeSql()"/>
If so, would I just need to include this jar file? Or is there a better way?
With Saxon-PE or -EE you can make calls directly from XPath expressions to Java methods. These are referred to as "reflexive extension functions" and are described at https://www.saxonica.com/documentation12/index.html#!extensibility/extension-functions-J/reflexive-functions
I haven't managed to track down the spec of
org.apache.commons.lang.StringEscapeUtils.escapeSql()but if it's a simple static method taking a string argument and returning a string result then you can call it as:If you want to do this with the open-source Saxon-HE then you'll need to jump through a few more hoops and write some Java wrapper code: all is explained at
https://www.saxonica.com/documentation12/index.html#!extensibility/extension-functions-J/ext-simple-J