Index: test/org/mindswap/pellet/query/ParameterizedStringTest.java
===================================================================
--- test/org/mindswap/pellet/query/ParameterizedStringTest.java	(revisión: 0)
+++ test/org/mindswap/pellet/query/ParameterizedStringTest.java	(revisión: 25)
@@ -0,0 +1,220 @@
+package org.mindswap.pellet.query;
+
+import com.hp.hpl.jena.query.Syntax;
+
+import junit.framework.TestCase;
+
+/**
+ * @author Pablo Ordu&ntilde;a ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Aitor Almeida ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Unai Aguilera ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Iker Larizgoitia ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Xabier Laiseca ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * 
+ */
+public class ParameterizedStringTest extends TestCase{
+	private final String XSD = "http://www.w3.org/2001/XMLSchema#";
+	
+	public void testParameterizedString(){
+		String query_start = "SELECT a = ";
+		String query_end = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_start + "${user}" + query_end);
+		pqs.setString("user", "something");
+		assertEquals(query_start + "'something'^^<"+ XSD +"string>" + query_end, pqs.getStringQuery());
+	}
+	
+	public void testParameterizedStringNotChanged(){
+		String query_begin = "SELECT a = ";
+		String fin_query = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + fin_query);
+		try{
+			pqs.getStringQuery();
+			fail("Expected ParameterNotAssignedException");
+		}catch(ParameterNotAssignedException pnae){
+			//pass
+		}
+	}
+	
+	public void testParameterizedStringReplacedWithBraces(){
+		String query_begin = "SELECT a = ";
+		String fin_query = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + fin_query);
+		pqs.setString("user", "${user}");
+		assertEquals(
+				"SELECT a = '${user}'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+	}
+	
+	public void testParameterizedStringWithQuote(){
+		String query_begin = "SELECT a = ";
+		String fin_query = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + fin_query);
+		pqs.setString("user", "O'Reilly");
+		assertEquals(
+				"SELECT a = 'O\\'Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+	}
+	
+	public void testParameterizedStringWithOtherChars(){
+		String query_begin = "SELECT a = ";
+		String fin_query = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + fin_query);
+		pqs.setString("user", "said \"hello\" :-)");
+		assertEquals(
+				"SELECT a = 'said \\\"hello\\\" :-)'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "and\0");
+		assertEquals(
+				"SELECT a = 'and\\0'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "and\n");
+		assertEquals(
+				"SELECT a = 'and\\n'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "and\\");
+		assertEquals(
+				"SELECT a = 'and\\\\'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "and\r");
+		assertEquals(
+				"SELECT a = 'and\\r'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+	}
+	
+	public void testParameterizedStringWithUnicodeQuote(){
+		String query_begin = "SELECT a = ";
+		String query_end = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + query_end);
+		pqs.setString("user", "O\\u0027Reilly's books");
+		assertEquals(
+				"SELECT a = 'O\\'Reilly\\'s books'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "O\\u0027Reilly");
+		assertEquals(
+				"SELECT a = 'O\\'Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "\\u0027Reilly");
+		assertEquals(
+				"SELECT a = '\\'Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "\\\\u0027Reilly");
+		assertEquals(
+				"SELECT a = '\\\\\\\\u0027Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+		pqs.setString("user", "\\u00000027Reilly");
+		assertEquals(
+				"SELECT a = '\\'Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery()
+			);
+	}
+	
+	public void testParameterizedStringUnsupportedSyntax(){
+		ParameterizedString pqs = new ParameterizedString("whatever");
+		try{
+			pqs.getStringQuery(Syntax.syntaxARQ);
+			fail("Expected UnsupportedOperationException");
+		}catch(UnsupportedOperationException uoe){
+			//pass
+		}
+	}
+	
+	public void testParameterizedStringWithUnicodeQuoteAndRDQL(){
+		String query_begin = "SELECT a = ";
+		String query_end = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + query_end);
+		pqs.setString("user", "O\\u0027Reilly's books");
+		assertEquals(
+				"SELECT a = 'O\\\\u0027Reilly\\'s books'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery(Syntax.syntaxRDQL)
+			);
+		pqs.setString("user", "O\\u0027Reilly");
+		assertEquals(
+				"SELECT a = 'O\\\\u0027Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery(Syntax.syntaxRDQL)
+			);
+		pqs.setString("user", "\\u0027Reilly");
+		assertEquals(
+				"SELECT a = '\\\\u0027Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery(Syntax.syntaxRDQL)
+			);
+		pqs.setString("user", "\\\\u0027Reilly");
+		assertEquals(
+				"SELECT a = '\\\\\\\\u0027Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery(Syntax.syntaxRDQL)
+			);
+		pqs.setString("user", "\\u00000027Reilly");
+		assertEquals(
+				"SELECT a = '\\\\u00000027Reilly'^^<"+ XSD +"string> WHERE ",
+				pqs.getStringQuery(Syntax.syntaxRDQL)
+			);
+	}
+	
+	public void testParameterizedStringParameterDoesNotExist(){
+		String query_begin = "SELECT a = ";
+		String fin_query = " WHERE ";
+		ParameterizedString pqs = new ParameterizedString(query_begin + "${user}" + fin_query);
+		try{
+			pqs.setString("this.does.not.exist", "whatever");
+			fail("Expected ParameterNotFoundException");
+		}catch(ParameterNotFoundException pnae){
+			//pass
+		}
+	}
+	
+	public void testParameterizedStringFinishingInVariable(){
+		ParameterizedString pqs = new ParameterizedString("${user1}${user2}${user3}${user4}");
+		pqs.setString("user1", "whatever1");
+		pqs.setString("user2", "whatever2");
+		pqs.setString("user3", "whatever3");
+		pqs.setString("user4", "whatever4");
+		assertEquals(
+				"'whatever1'^^<http://www.w3.org/2001/XMLSchema#string>" +
+				"'whatever2'^^<http://www.w3.org/2001/XMLSchema#string>" +
+				"'whatever3'^^<http://www.w3.org/2001/XMLSchema#string>" +
+				"'whatever4'^^<http://www.w3.org/2001/XMLSchema#string>",
+				pqs.getStringQuery()
+			); 
+	}
+	
+	public void testXsdTypes(){
+		ParameterizedString pqs = new ParameterizedString(
+				"${short}" +
+				"${int}" +
+				"${long}" +
+				"${double}" +
+				"${float}" +
+				"${boolean}" +
+				"${byte}"
+			);
+		pqs.setShort(   "short",   (short)1);
+		pqs.setInt(     "int",     2);
+		pqs.setLong(    "long",    3L);
+		pqs.setDouble(  "double",  4.0);
+		pqs.setFloat(   "float",   5.0f);
+		pqs.setBoolean( "boolean", true);
+		pqs.setByte(    "byte",    (byte)6);
+		
+		assertEquals(
+				"'1'^^<"    + XSD + "short>" + 
+				"'2'^^<"    + XSD + "int>" + 
+				"'3'^^<"    + XSD + "long>" + 
+				"'4.0'^^<"  + XSD + "double>" + 
+				"'5.0'^^<"  + XSD + "float>" + 
+				"'true'^^<" + XSD + "boolean>" + 
+				"'6'^^<"    + XSD + "byte>",
+				pqs.getStringQuery()
+			);
+	}
+	
+}
Index: src/org/mindswap/pellet/query/ParameterizedString.java
===================================================================
--- src/org/mindswap/pellet/query/ParameterizedString.java	(revisión: 0)
+++ src/org/mindswap/pellet/query/ParameterizedString.java	(revisión: 25)
@@ -0,0 +1,379 @@
+package org.mindswap.pellet.query;
+
+import java.util.Hashtable;
+import java.util.List;
+import java.util.Map;
+import java.util.Vector;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import com.hp.hpl.jena.query.QueryFactory;
+import com.hp.hpl.jena.query.Syntax;
+import com.hp.hpl.jena.update.UpdateFactory;
+
+/** An Object that represents a parameterized query string.
+ * 
+ * In order to easily avoid SPARQL Injection/SPARUL Injection/RDQL 
+ * Injection, it is possible to use thisclass to generate the initial 
+ * SPARQL query (or modification or RDQL query) with parameters in the
+ * ${parameter.name} format, and then assign values to each parameter
+ * with the set methods. Each set method will check that there is no
+ * SPARQL/SPARUL/RDQL code inside.  
+ * 
+ * <pre>
+ * public ResultSet findFriends(String userInput){ 
+ *     ParameterizedString secQuery = new ParameterizedString(
+ *              "PREFIX sample: <http://www.morelab.deusto.es/sample.owl#> " +
+ *              "SELECT ?p1 ?p2 " +
+ *              "WHERE {" +
+ *              "      ?p1 a sample:Person . " +
+ *              "      ?p2 a sample:Person . " +
+ *              "      ?p1 sample:fullName ${full.name} . " +
+ *              "      ?p1 sample:isFriendOf ?p2 . " +
+ *              "}";
+ *     );
+ *     seqQuery.setString("full.name", userInput);
+ *     Query query = QueryFactory.create(seqQuery);
+ *     QueryExecution queryExecution = QueryExecutionFactory.create(
+ *         query, 
+ *         this.model
+ *     );
+ *     return queryExecution.execSelect();
+ * }
+ * </pre>
+ * 
+ * A malicious user trying to inject code like:
+ *
+ * <pre>
+ * String userInput = "John Smith' . " +
+ *      "?b1 a injection:Building . " +
+ *      "?b1 injection:name ?buildingName . " +
+ *      "FILTER  regex(?buildingName, \"^F.*\") . " +
+ *      "} #"; // }:-D
+ * </pre>
+ * 
+ * to perform Blind SPARQL Injection (is there a building in the ontology 
+ * which starts with F?) will not be successful.
+ * 
+ * @author Pablo Ordu&ntilde;a ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Aitor Almeida ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Unai Aguilera ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Iker Larizgoitia ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Xabier Laiseca ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * 
+ * @see QueryFactory
+ * @see UpdateFactory
+ */
+
+public class ParameterizedString {
+	
+	public final String PARAMETER_REGEX = "\\$\\{[a-zA-Z0-9_\\.-]+\\}";
+	private final String XSD = "http://www.w3.org/2001/XMLSchema#";
+	
+	// SELECT ?name FROM { ${name} }
+	// would be:
+	
+	private String [] querySplitted; // {"SELECT ?name FROM { ", " }"}
+	private String [] keys;          // name
+	// String -> String
+	private Map values = new Hashtable(); // name : ValueClass{"boolean","true"}
+
+	private class ValueClass{
+		private String type;  //http://www.w3.org/TR/xmlschema-2/#built-in-datatypes
+		private String value;
+		public ValueClass(String type, String value){
+			this.type = type;
+			this.value = value;
+		}
+		
+		public String getType() {
+			return type;
+		}
+		
+		public String getValue() {
+			return value;
+		}
+	}
+	
+	/**
+	 * Initialize the object with a parameterized query.
+	 * 
+	 * The parameters are defined by {@link #PARAMETER_REGEX} syntax.
+	 * 
+	 * @param query The parameterized query
+	 */
+	
+	public ParameterizedString(String query){
+		if(query == null)
+			throw new IllegalArgumentException("query argument can't be null");
+		this.initialize(query + " ");
+	}
+		
+	void initialize(String query){
+		this.querySplitted = parseQuerySplitted(query);
+		this.keys = parseParameters(query);
+	}
+
+	private String [] parseParameters(String s) {
+		Pattern pat = Pattern.compile(this.PARAMETER_REGEX);
+		Matcher mat = pat.matcher(s);
+		List parameters = new Vector();
+		while(mat.find()){
+			String param = mat.group();
+			param = param.substring(2, param.length() - 1);
+			parameters.add(param);
+		}
+		return (String[])parameters.toArray(new String[]{});
+	}
+
+	private String [] parseQuerySplitted(String s) {
+		Pattern pat = Pattern.compile(this.PARAMETER_REGEX);
+		return pat.split(s);
+	}
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>int</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setInt (String label, int value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#int
+		setParameter(label, new ValueClass("int", Integer.toString(value)));
+	} 
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>short</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setShort (String label, short value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#short
+		setParameter(label, new ValueClass("short", Short.toString(value)));
+	} 
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>long</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setLong (String label, long value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#long
+		setParameter(label, new ValueClass("long", Long.toString(value)));
+	}
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>double</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setDouble (String label, double value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#double
+		setParameter(label, new ValueClass("double", Double.toString(value)));
+	}
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>float</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setFloat (String label, float value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#float
+		setParameter(label, new ValueClass("float", Float.toString(value)));
+	}
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>boolean</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setBoolean (String label, boolean value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#boolean
+		setParameter(label, new ValueClass("boolean", Boolean.toString(value)));
+	}
+	
+	/**
+	 * Sets the designated parameter to the given Java <code>byte</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setByte (String label, byte value)
+	{
+		// http://www.w3.org/TR/xmlschema-2/#byte
+		setParameter(label, new ValueClass("byte", Byte.toString(value)));
+	}
+
+	/**
+	 * Sets the designated parameter to the given Java <code>String</code> value.
+	 * 
+	 * @param label the parameter name.
+	 * @param value the parameter value.
+	 */
+	
+	public void setString (String label, String value)
+	{
+		//http://www.w3.org/TR/xmlschema-2/#string
+		if(value == null)
+			throw new IllegalArgumentException("param argument can't be null");
+		setParameter(label, new ValueClass("string", value));
+	}
+
+	private void setParameter (String label, ValueClass param)
+	{
+		for(int i = 0; i < this.keys.length; ++i)
+			if(this.keys[i].equals(label)){
+				this.values.put(label, param);
+				return;
+			}
+		throw new ParameterNotFoundException("Parameter " + label + " not found");
+	}
+	
+	/**
+	 * Build again the query with the provided parameters.
+	 * 
+	 * This method will be called by the QueryFactory object.
+	 * 
+	 * @return The query
+	 * @throws ParameterNotAssignedException 
+	 */
+	
+	public String getStringQuery(){
+		return this.getStringQuery(Syntax.syntaxSPARQL);
+	}
+	
+	/**
+	 * Build again the query with the provided parameters.
+	 * 
+	 * This method will be called by the QueryFactory object.
+	 * 
+	 * @return The query
+	 * @throws ParameterNotAssignedException 
+	 */
+	
+	public String getStringQuery(Syntax langURI){
+		if(
+				langURI == Syntax.syntaxSPARQL 
+				|| langURI == Syntax.syntaxRDQL
+		)
+			return this.getStringQueryImpl(langURI);
+		else
+			throw new UnsupportedOperationException("Unsupported syntax: " + langURI);
+	}
+	
+	private String getStringQueryImpl(Syntax langURI){
+		int length = this.querySplitted.length;
+		
+		String stringQuery = "";
+		for(int i = 0; i < length - 1; ++i){
+			stringQuery += this.querySplitted[i];
+			if(!this.values.containsKey(this.keys[i]))
+				throw new ParameterNotAssignedException("Parameter " + this.keys[i] + " was not assigned");
+			
+			ValueClass parameter = (ValueClass)this.values.get(this.keys[i]); 
+			String securedValue = this.secureParameter(parameter.getValue(), langURI);
+			String finalParameterValue = "'" + securedValue + "'^^<" + this.XSD + parameter.getType() + ">";  
+			stringQuery += finalParameterValue;
+		}
+		
+		if(length > 0)
+			stringQuery += this.querySplitted[length - 1];
+		
+		return stringQuery.substring(0, stringQuery.length() - 1);
+	}
+	
+	private String secureParameter(String param, Syntax langURI) {
+		String parsedParameter;
+		if(langURI == Syntax.syntaxSPARQL)
+			parsedParameter = parseUnicode(param);
+		else if(langURI == Syntax.syntaxRDQL)
+			parsedParameter = param;
+		else
+			// should not happen
+			throw new UnsupportedOperationException("Unsupported langURI: " + langURI);
+		
+		return checkCharacters(parsedParameter);
+	}
+
+	private String checkCharacters(String secureParam) {
+		StringBuffer buffer = new StringBuffer();
+		for(int i = 0; i < secureParam.length(); ++i){
+			char c = secureParam.charAt(i);
+			switch(c){
+				case '\'':
+						buffer.append('\\');
+						buffer.append('\'');
+					break;
+				case '\\':
+						buffer.append('\\');
+						buffer.append('\\');
+					break;
+				// From here to the end... just in case
+				// http://www.w3.org/TR/rdf-sparql-query/#grammarEscapes
+				// http://www.w3.org/Submission/2004/SUBM-RDQL-20040109/#lexical-tokens
+				case '\t':
+						buffer.append('\\');
+						buffer.append('t');
+					break;
+				case '\n':
+						buffer.append('\\');
+						buffer.append('n');
+					break;
+				case '\r':
+						buffer.append('\\');
+						buffer.append('r');
+					break;
+				case '\b':
+						buffer.append('\\');
+						buffer.append('b');
+					break;
+				case '\"':
+						buffer.append('\\');
+						buffer.append('\"');
+						break;
+				case '\0':
+						buffer.append('\\');
+						buffer.append('0');
+					break;
+				default:
+					buffer.append(c);
+			}
+		}
+		
+		return buffer.toString();
+	}
+
+	private String parseUnicode(String param){
+		// Only needed for SPAR{Q,U}L
+		// http://www.w3.org/TR/rdf-sparql-query/#codepointEscape
+		String unicodeRegex = "([^\\\\]|^)\\\\u([0-9a-fA-F]{4,8})";
+		Pattern pat = Pattern.compile(unicodeRegex);
+		Matcher mat = pat.matcher(param);
+		while(mat.find()){
+			String currentMatch = mat.group();
+			String firstCharacter = currentMatch.substring(0,currentMatch.lastIndexOf("\\"));
+			String numberInHex = currentMatch.substring(currentMatch.lastIndexOf("u") + 1);
+			char charValue = (char)Integer.parseInt(numberInHex, 16);
+			param = param.replace(currentMatch, firstCharacter + charValue);
+		}
+		return param;
+	}
+}
Index: src/org/mindswap/pellet/query/ParameterNotFoundException.java
===================================================================
--- src/org/mindswap/pellet/query/ParameterNotFoundException.java	(revisión: 0)
+++ src/org/mindswap/pellet/query/ParameterNotFoundException.java	(revisión: 25)
@@ -0,0 +1,23 @@
+package org.mindswap.pellet.query;
+
+import com.hp.hpl.jena.shared.JenaException;
+
+/**
+ * 
+ * @author Pablo Ordu&ntilde;a ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Aitor Almeida ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Unai Aguilera ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Iker Larizgoitia ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Xabier Laiseca ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ *
+ */
+public class ParameterNotFoundException extends JenaException {
+
+	public ParameterNotFoundException() {}
+
+	public ParameterNotFoundException(String message) { super(message);	}
+
+	public ParameterNotFoundException(Throwable cause) {	super(cause);	}
+
+	public ParameterNotFoundException(String message, Throwable cause) {	super(message, cause);	}
+}
Index: src/org/mindswap/pellet/query/ParameterNotAssignedException.java
===================================================================
--- src/org/mindswap/pellet/query/ParameterNotAssignedException.java	(revisión: 0)
+++ src/org/mindswap/pellet/query/ParameterNotAssignedException.java	(revisión: 25)
@@ -0,0 +1,23 @@
+package org.mindswap.pellet.query;
+
+import com.hp.hpl.jena.shared.JenaException;
+
+/**
+ * 
+ * @author Pablo Ordu&ntilde;a ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Aitor Almeida ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Unai Aguilera ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Iker Larizgoitia ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ * @author Xabier Laiseca ( <a href="http://www.morelab.deusto.es">MoreLab</a> )
+ *
+ */
+public class ParameterNotAssignedException extends JenaException {
+
+	public ParameterNotAssignedException() {}
+
+	public ParameterNotAssignedException(String message) { super(message);	}
+
+	public ParameterNotAssignedException(Throwable cause) {	super(cause);	}
+
+	public ParameterNotAssignedException(String message, Throwable cause) {	super(message, cause);	}
+}
Index: src/org/mindswap/pellet/query/QueryEngine.java
===================================================================
--- src/org/mindswap/pellet/query/QueryEngine.java	(revisión: 11)
+++ src/org/mindswap/pellet/query/QueryEngine.java	(copia de trabajo)
@@ -98,18 +98,34 @@
 	    return exec( queryStr, kb, DEFAULT_SYNTAX );	    
 	}
     
+    public static QueryResults exec( ParameterizedString queryStr, KnowledgeBase kb ) {    
+	    return exec( queryStr.getStringQuery(DEFAULT_SYNTAX), kb );	    
+	}
+    
     public static QueryResults execRDQL( String queryStr, KnowledgeBase kb ) {
 	    return exec( queryStr, kb, Syntax.syntaxRDQL );	    
 	}
     
+    public static QueryResults execRDQL( ParameterizedString queryStr, KnowledgeBase kb ) {
+	    return execRDQL( queryStr.getStringQuery(Syntax.syntaxRDQL), kb );	    
+	}
+    
     public static QueryResults execSPARQL( String queryStr, KnowledgeBase kb ) {
 	    return exec( queryStr, kb, Syntax.syntaxSPARQL );	    
 	}
 
+    public static QueryResults execSPARQL( ParameterizedString queryStr, KnowledgeBase kb ) {
+	    return execSPARQL( queryStr.getStringQuery(Syntax.syntaxSPARQL), kb);	    
+	}
+
     public static Query parse( String queryStr, KnowledgeBase kb ) {
         return parse( queryStr, kb, DEFAULT_SYNTAX );       
     }
     
+    public static Query parse( ParameterizedString queryStr, KnowledgeBase kb ) {
+        return parse( queryStr.getStringQuery(DEFAULT_SYNTAX), kb);       
+    }
+    
     public static Query parse( String queryStr, KnowledgeBase kb, Syntax syntax ) {    
         QueryParser parser = createParser( syntax );
         Query query = parser.parse( queryStr, kb );
@@ -117,12 +133,20 @@
         return query;
     }
     
+    public static Query parse( ParameterizedString queryStr, KnowledgeBase kb, Syntax syntax ) {    
+        return parse( queryStr.getStringQuery(syntax), kb, syntax );
+    }
+    
     public static QueryResults exec( String queryStr, KnowledgeBase kb, Syntax syntax ) {    
 	    Query query = parse( queryStr, kb, syntax );
 	    
 	    return exec( query );
 	}
 
+    public static QueryResults exec( ParameterizedString queryStr, KnowledgeBase kb, Syntax syntax ) {
+    	return exec(queryStr.getStringQuery(syntax), kb, syntax);
+	}
+
     public static QueryResults exec( Query query, KnowledgeBase kb ) {
         KnowledgeBase origKB = query.getKB();
         query.setKB( kb );
