You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@camel.apache.org by "Claus Ibsen (JIRA)" <ji...@apache.org> on 2013/06/02 17:24:20 UTC

[jira] [Resolved] (CAMEL-6157) Parametrized queries in JDBC component

     [ https://issues.apache.org/jira/browse/CAMEL-6157?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Claus Ibsen resolved CAMEL-6157.
--------------------------------

       Resolution: Fixed
    Fix Version/s:     (was: Future)
                   2.12.0

Thanks for your contribution. I polished the patch a bit and made it work with non named parameters, eg just using ? as well.
                
> Parametrized queries in JDBC component
> --------------------------------------
>
>                 Key: CAMEL-6157
>                 URL: https://issues.apache.org/jira/browse/CAMEL-6157
>             Project: Camel
>          Issue Type: Improvement
>          Components: camel-jdbc
>            Reporter: Henryk Konsek
>            Assignee: Claus Ibsen
>             Fix For: 2.12.0
>
>         Attachments: DefaultSqlPrepareStatementStrategy.java, JdbcParameterizedQueryTest.java, JdbcParameterizedQueryTest.java, JdbcParameterizedQueryTest.java, JdbcPrepareStatementStrategy.java, JdbcProducer.java, JdbcProducer.java
>
>
> Juan pointed that currently it is difficult to create SQL-injection safe query with JDBC component. We could provide option to send query parameters via message header.
> {code}
> from("direct:sql").to("jdbc:testDB");
> ...
> producerTemplate.sendBodyAndHeader("direct:sql", "JDBC_PARAMETERS", "fooValue", "insert into foo values (?)");
> {code}
> [1] http://camel.465427.n5.nabble.com/Dinamyc-SQL-with-arguments-tp5729003.html

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira