You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user-java@ibatis.apache.org by EC...@nyiso.com on 2008/06/09 16:50:47 UTC
Dynamic Java SQL
Dangit, I didn't change the Subject to be unique. Sorry..
Is there any way to generate an iBATIS statement in Java, including
property references that reference attributes of the same object that you
passed in the statement?
Ok so I'd like to give iBATIS a map with 2 elements:
Map<String, Object> mapToGiveIbatis;
mapToGiveIbatis.put( "ibatisStatement", "SELECT * FROM user WHERE userid =
#useridInputParam#" );
mapToGiveIbatis.put( "useridInputParam", 1257 );
......queryForObject( "javaGeneratedIbatisStatement", mapToGiveIbatis );
And the ibatis looks like this:
<select id="javaGeneratedIbatisStatement" ....>
$ibatisStatement$
</select>
I get the feeling I misread the book, where it said that iBATIS did the $
replacements before the prepared statement, but in my case it would have to
do the $ replacements and then re-read the statement to do the #
replacements, pulling the # replacements from the same map that I passed in
the statement itself, which, after thinking about it more, doesn't seem
like it would.
-----------------------------------------
*******************************************************************
***
The information in this email is confidential and may be legally
privileged against disclosure other than to the intended recipient.
It is intended solely for the addressee. Access to this email by
anyone else is unauthorized.
If you are not the intended recipient, any disclosure, copying,
distribution or any action taken or omitted to be taken in reliance
on it, is prohibited and may be unlawful. Please immediately
delete this message and inform the sender of this error.
*******************************************************************
***
Re: Dynamic Java SQL
Posted by EC...@nyiso.com.
Thanks Nathan.
I picked through the iBATIS source and think I see what's happening.
Roughly it looks like iBATIS pulls in the <include>s then the #param#s then
finally the $string$s.
I'll try to accomplish what I was trying to accomplish using <include>s and
see how far I can get, rather than turning my parameters into Strings and
generating the statement in Java and including it using $ in the iBATIS
statement.
"Nathan Maves"
<nathan.maves@gma
il.com> To
user-java@ibatis.apache.org
06/09/2008 11:42 cc
AM
Subject
Re: Dynamic Java SQL
Please respond to
user-java@ibatis.
apache.org
You cannot quite do what you are trying to do.
You need to get the string fully ready to send to the map and then use the
$$ life you have in your example.
Be very weary about this approach because you might leave yourself open to
sql injection
On Mon, Jun 9, 2008 at 8:50 AM, <EC...@nyiso.com> wrote:
Dangit, I didn't change the Subject to be unique. Sorry..
Is there any way to generate an iBATIS statement in Java, including
property references that reference attributes of the same object that you
passed in the statement?
Ok so I'd like to give iBATIS a map with 2 elements:
Map<String, Object> mapToGiveIbatis;
mapToGiveIbatis.put( "ibatisStatement", "SELECT * FROM user WHERE userid
=
#useridInputParam#" );
mapToGiveIbatis.put( "useridInputParam", 1257 );
......queryForObject( "javaGeneratedIbatisStatement", mapToGiveIbatis );
And the ibatis looks like this:
<select id="javaGeneratedIbatisStatement" ....>
$ibatisStatement$
</select>
I get the feeling I misread the book, where it said that iBATIS did the $
replacements before the prepared statement, but in my case it would have
to
do the $ replacements and then re-read the statement to do the #
replacements, pulling the # replacements from the same map that I passed
in
the statement itself, which, after thinking about it more, doesn't seem
like it would.
-----------------------------------------
*******************************************************************
***
The information in this email is confidential and may be legally
privileged against disclosure other than to the intended recipient.
It is intended solely for the addressee. Access to this email by
anyone else is unauthorized.
If you are not the intended recipient, any disclosure, copying,
distribution or any action taken or omitted to be taken in reliance
on it, is prohibited and may be unlawful. Please immediately
delete this message and inform the sender of this error.
*******************************************************************
***
-----------------------------------------
*******************************************************************
***
The information in this email is confidential and may be legally
privileged against disclosure other than to the intended recipient.
It is intended solely for the addressee. Access to this email by
anyone else is unauthorized.
If you are not the intended recipient, any disclosure, copying,
distribution or any action taken or omitted to be taken in reliance
on it, is prohibited and may be unlawful. Please immediately
delete this message and inform the sender of this error.
*******************************************************************
***
Re: Dynamic Java SQL
Posted by Nathan Maves <na...@gmail.com>.
You cannot quite do what you are trying to do.
You need to get the string fully ready to send to the map and then use the
$$ life you have in your example.
Be very weary about this approach because you might leave yourself open to
sql injection
On Mon, Jun 9, 2008 at 8:50 AM, <EC...@nyiso.com> wrote:
> Dangit, I didn't change the Subject to be unique. Sorry..
>
>
>
> Is there any way to generate an iBATIS statement in Java, including
> property references that reference attributes of the same object that you
> passed in the statement?
>
> Ok so I'd like to give iBATIS a map with 2 elements:
>
> Map<String, Object> mapToGiveIbatis;
>
> mapToGiveIbatis.put( "ibatisStatement", "SELECT * FROM user WHERE userid =
> #useridInputParam#" );
> mapToGiveIbatis.put( "useridInputParam", 1257 );
>
> ......queryForObject( "javaGeneratedIbatisStatement", mapToGiveIbatis );
>
> And the ibatis looks like this:
> <select id="javaGeneratedIbatisStatement" ....>
> $ibatisStatement$
> </select>
>
>
> I get the feeling I misread the book, where it said that iBATIS did the $
> replacements before the prepared statement, but in my case it would have to
> do the $ replacements and then re-read the statement to do the #
> replacements, pulling the # replacements from the same map that I passed in
> the statement itself, which, after thinking about it more, doesn't seem
> like it would.
>
>
> -----------------------------------------
> *******************************************************************
> ***
> The information in this email is confidential and may be legally
> privileged against disclosure other than to the intended recipient.
> It is intended solely for the addressee. Access to this email by
> anyone else is unauthorized.
>
> If you are not the intended recipient, any disclosure, copying,
> distribution or any action taken or omitted to be taken in reliance
> on it, is prohibited and may be unlawful. Please immediately
> delete this message and inform the sender of this error.
> *******************************************************************
> ***
>
>