Yeah, I just saw Eric's suggestion. That looks pretty good, I'm going to
switch it to that tomorrow.
Mike
-Original Message-
From: Niels Beekman [mailto:[EMAIL PROTECTED]
Sent: December 8, 2005 5:30 PM
To: user-java@ibatis.apache.org
Subject: RE: Multiple deletes?
Larry means iteratin
Larry means iterating your list, that would still result in one query,
but one that works and still protects against SQL injection.
Niels
-Original Message-
From: Michael Laccetti [c] [mailto:[EMAIL PROTECTED]
Sent: donderdag 8 december 2005 23:12
To: user-java@ibatis.apache.org
Subject:
If I used iteration, I'd have a lot of queries. Since this database can
scale to be pretty huge, I'd prefer to not do that.
Also, the information isn't blindly pulled from a form, and then jammed into
the database. Validation does happen.
And it worked. Thanks kindly. :)
-Original Messa
I do something similar for selects using iteration. In this case I use a HashMap for my parameter class:
...
select * from table where name in
#nameList[]#
...
On 12/8/05, Vijai Senthil Padmanabhan Kalaiyarasi <[EMAIL PROTECTED]> wrote:
Mike,try using $ instead of #, asDELETE FROM ALERTS WHER
Mike,
try using $ instead of #, as
DELETE FROM ALERTS WHERE ID IN ($value$)
this would replace the string you pass as it is.
In case of # it wud take it as a single parameter and execute it as
DELETE FROM ALERTS WHERE ID IN '322,321,320,319,318,317,316,315,314,313'
since u pass the parameter ty
You could do this:
DELETE FROM ALERTS WHERE ID IN ($value$)
It is beggin for SQL injection, but...it will work.
A better route would be to use iteration to do it.
Larry
On 12/8/05, Michael Laccetti [c] <[EMAIL PROTECTED]> wrote:
> I have the following statement defined in iBATIS:
>
>
> DEL
Vinny <[EMAIL PROTECTED]> writes:
> On 11/10/05, Paul Benedict <[EMAIL PROTECTED]> wrote:
> > ...While you're at it, I don't think caching works unless you pass
> > in parameters; I have MANY parameterless queries and I haven't
> > been able to see them get cached yet (stay tuned).
>
>
> Is thi
I have the following statement defined in iBATIS:
DELETE FROM ALERTS WHERE ID IN (#value#)
I pass it a String in the form of 322,321,320,319,318,317,316,315,314,313.
Now, when I call it, I get the following:
DEBUG [08 Dec 05 11:19:26] [http-8080-Processor23]
java.sql.PreparedStatement - {pst
hello,
i want to give my users the possibility to write their own statements.
If they do not, i will user a "default" statement
so, in my code, what i'm trying to do is :
given à sqlmapclient
search if the "user-statement" exists
if so, execute the user-statement
if not, execute