Posted to torque-dev@db.apache.org by tf...@apache.org on 2012/08/26 12:55:38 UTC

svn commit: r1377418 - /db/torque/torque4/trunk/torque-runtime/src/main/java/org/apache/torque/oid/IDBroker.java

Author: tfischer
Date: Sun Aug 26 10:55:38 2012
New Revision: 1377418

URL: http://svn.apache.org/viewvc?rev=1377418&view=rev
Log:
use preparedStatement to select from id table

Modified:
    db/torque/torque4/trunk/torque-runtime/src/main/java/org/apache/torque/oid/IDBroker.java

Modified: db/torque/torque4/trunk/torque-runtime/src/main/java/org/apache/torque/oid/IDBroker.java
URL: http://svn.apache.org/viewvc/db/torque/torque4/trunk/torque-runtime/src/main/java/org/apache/torque/oid/IDBroker.java?rev=1377418&r1=1377417&r2=1377418&view=diff
==============================================================================
--- db/torque/torque4/trunk/torque-runtime/src/main/java/org/apache/torque/oid/IDBroker.java (original)
+++ db/torque/torque4/trunk/torque-runtime/src/main/java/org/apache/torque/oid/IDBroker.java Sun Aug 26 10:55:38 2012
@@ -21,6 +21,7 @@ package org.apache.torque.oid;
 
 import java.math.BigDecimal;
 import java.sql.Connection;
+import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;
@@ -827,19 +828,18 @@ public class IDBroker implements Runnabl
             .append(ID_TABLE)
             .append(" WHERE ")
             .append(COL_TABLE_NAME)
-            .append(" = '")
-            .append(tableName)
-            .append('\'');
+            .append(" = ?");
 
-        Statement statement = null;
+        PreparedStatement statement = null;
         ResultSet rs = null;
 
         BigDecimal[] results = new BigDecimal[2];
 
         try
         {
-            statement = con.createStatement();
-            rs = statement.executeQuery(stmt.toString());
+            statement = con.prepareStatement(stmt.toString());
+            statement.setString(1, tableName);
+            rs = statement.executeQuery();
 
             if (rs.next())
             {
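Review bot: The first hunk keeps the `java.sql.Statement` import as a context line, so other methods in IDBroker presumably still execute string-built SQL. If any of them concatenates `tableName` the way the removed lines here did, it needs the same bound parameter, otherwise the quoting problem is closed only for this select. Within this hunk the remaining appended pieces (`ID_TABLE`, `COL_TABLE_NAME`) look like class constants, so the single `?` appears to cover the only caller-supplied value. The `try` block runs past the end of the hunk, so whether `statement` and `rs` are closed in a `finally` cannot be confirmed from here. A comment above the `prepareStatement` call such as `// tableName is bound as a parameter, never concatenated, so quotes in it cannot change the query` would record why the statement type was changed.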


