ibatis-user-java mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Law <andy....@roslin.ed.ac.uk>
Subject Re: How Do I Change Schema
Date Mon, 17 Aug 2009 14:54:41 GMT

pczurak wrote:
> I am sorry, I am very new to iBates, I do not know what this means
> "You'll have to make
> $schema$ a property of your parameter object. "
> how do I do this, can you point me to an example?

OK. When you hit the iBatis query code, you pass in a 'parameter' object to
the getObject/getList routine of the SqlMapClient...


Object result = this.getSqlMapClient().queryForObject(statementName,

The SQL statement that corresponds to the 'statementName' is then extracted
and parsed/prepared/run using values from the parameterObject object.

So, if the statement said....

SELECT name, title, id
FROM person
WHERE person_uid = #accession#

then this statement gets prepared into 

SELECT name, title, id
FROM person
WHERE person_uid = '?'

and gets given the argument that results from either calling
parameterObject.getAccession() (if parameterObject is a bean) or
parameterObject.get("accession") (if parameterObject is a Map).

If you try to do that with namespaces, it will fail because the #varName#
syntax results in an invalid statement when it is prepared


SELECT name, title, id
FROM #namespace#.person
WHERE person_uid = #accession#

would get prepared into...

SELECT name, title, id
FROM '?'.person
WHERE person_uid = '?'

which is invalid.

iBatis does have another syntax for inserting into statements however which
uses the $varName$ syntax.



SELECT name, title, id
FROM $namespace$.person
WHERE person_uid = #accession#

could get prepared into a valid statement.

In order for this to work, you need to make your parameterObject return a
valid reply when sent the message .getNamespace() or .get("namespace") in
exactly the same way that the accession parameter is filled in. This gets
called before the statement is prepared, so presuming that your
parameterObject reports 'freddy' in response to
parameterObject.getNamespace(), your statement would then be prepared as:

SELECT name, title, id
FROM freddy.person
WHERE person_uid = '?'

and then the parameterObject would be asked for the accession argument as

You should be aware though that this is a "dangerous exercise" as it
potentially opens your application up to SQL injection attacks. You should
NEVER use $varName$ insertion without rigorously checking the value being

Hope that helps.


View this message in context: http://www.nabble.com/How-Do-I-Change-Schema-tp24948645p25008285.html
Sent from the iBATIS - User - Java mailing list archive at Nabble.com.

To unsubscribe, e-mail: user-java-unsubscribe@ibatis.apache.org
For additional commands, e-mail: user-java-help@ibatis.apache.org

View raw message