incubator-isis-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin Meyer (JIRA)" <j...@apache.org>
Subject [jira] Created: (ISIS-10) Properly use prepared statements instead of injecting values into "insert" and "update" SQL statements
Date Fri, 05 Nov 2010 10:21:41 GMT
Properly use prepared statements instead of injecting values into "insert" and "update" SQL
statements
------------------------------------------------------------------------------------------------------

                 Key: ISIS-10
                 URL: https://issues.apache.org/jira/browse/ISIS-10
             Project: Isis
          Issue Type: Improvement
          Components: Alternatives: ObjectStore: SQL
    Affects Versions: 0.1
            Reporter: Kevin Meyer
            Assignee: Kevin Meyer
            Priority: Minor


At the moment, all "insert" and "update" commands use a fully formed SQL string with embedded
values:
"insert into SQLDATACLASS (PK_ID, color,date_time) values (2252, '0','2010-03-05 22:23:000000')".

This should be updated to "insert into SQLDATACLASS (PK_ID, color,date_time) values (?,?,?)".

This should also solve issues with quoting values such as (especially affecting DB2) quoting
integer, float, etc, non-string values. DB2 is throwing an exception when integers and floats
are quoted ('1') instead of (1).


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message