ibatis-user-java mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pczurak <CZU...@wsinc.com>
Subject Re: How Do I Change Schema
Date Tue, 18 Aug 2009 04:28:51 GMT

Thank you for all of your help!

I think I will just have 2 sets of XML files, one for Test and one for
production, just have to remember to update or change both when something
changes.



Andy Law wrote:
> 
> 
> pczurak wrote:
>> 
>> I am sorry, I am very new to iBates, I do not know what this means
>> 
>> "You'll have to make
>> $schema$ a property of your parameter object. "
>> 
>> how do I do this, can you point me to an example?
>> 
>> 
> 
> 
> OK. When you hit the iBatis query code, you pass in a 'parameter' object
> to the getObject/getList routine of the SqlMapClient...
> 
> e.g. 
> 
> Object result = this.getSqlMapClient().queryForObject(statementName,
> parameterObject);
> 
> 
> The SQL statement that corresponds to the 'statementName' is then
> extracted and parsed/prepared/run using values from the parameterObject
> object.
> 
> So, if the statement said....
> 
> SELECT name, title, id
> FROM person
> WHERE person_uid = #accession#
> 
> then this statement gets prepared into 
> 
> SELECT name, title, id
> FROM person
> WHERE person_uid = '?'
> 
> and gets given the argument that results from either calling
> parameterObject.getAccession() (if parameterObject is a bean) or
> parameterObject.get("accession") (if parameterObject is a Map).
> 
> If you try to do that with namespaces, it will fail because the #varName#
> syntax results in an invalid statement when it is prepared
> 
> i.e.
> 
> SELECT name, title, id
> FROM #namespace#.person
> WHERE person_uid = #accession#
> 
> would get prepared into...
> 
> SELECT name, title, id
> FROM '?'.person
> WHERE person_uid = '?'
> 
> 
> which is invalid.
> 
> 
> iBatis does have another syntax for inserting into statements however
> which uses the $varName$ syntax.
> 
> Thus:
> 
> i.e.
> 
> SELECT name, title, id
> FROM $namespace$.person
> WHERE person_uid = #accession#
> 
> could get prepared into a valid statement.
> 
> In order for this to work, you need to make your parameterObject return a
> valid reply when sent the message .getNamespace() or .get("namespace") in
> exactly the same way that the accession parameter is filled in. This gets
> called before the statement is prepared, so presuming that your
> parameterObject reports 'freddy' in response to
> parameterObject.getNamespace(), your statement would then be prepared as:
> 
> SELECT name, title, id
> FROM freddy.person
> WHERE person_uid = '?'
> 
> and then the parameterObject would be asked for the accession argument as
> before.
> 
> You should be aware though that this is a "dangerous exercise" as it
> potentially opens your application up to SQL injection attacks. You should
> NEVER use $varName$ insertion without rigorously checking the value being
> inserted.
> 
> Hope that helps.
> 
> Later,
> 
> Andy
> 

-- 
View this message in context: http://www.nabble.com/How-Do-I-Change-Schema-tp24948645p25018289.html
Sent from the iBATIS - User - Java mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: user-java-unsubscribe@ibatis.apache.org
For additional commands, e-mail: user-java-help@ibatis.apache.org


Mime
View raw message