Project:
View Revisions: Issue #40578 | [ Back to Issue ] | ||
Summary | 0040578: Utility.getListValueName is not using bind-parameters | ||
Revision | 2019-04-10 12:33 by shuehner | ||
Description | This code is not using bind-params: String hql = " select rlt.name as name " + " from ADReference r, " + " ADList rl," + " ADListTrl rlt" + " where rl.reference = r" + " and rlt.listReference = rl" + " and rlt.language.language = '" + lang + "'" + " and r.name = '" + ListName + "'" + " and rl.searchKey = '" + value + "'"; Query<String> q = OBDal.getInstance().getSession().createQuery(hql, String.class); same method later: hql = " select rl.name " + " from ADReference r, " + " ADList rl" + " where rl.reference = r" + " and r.name = '" + ListName + "'" + " and rl.searchKey = '" + value + "'"; q = OBDal.getInstance().getSession().createQuery(hql, String.class); |
||
Revision | 2019-04-10 12:32 by shuehner | ||
Description | This code is not using bind-params: String hql = " select rlt.name as name " + " from ADReference r, " + " ADList rl," + " ADListTrl rlt" + " where rl.reference = r" + " and rlt.listReference = rl" + " and rlt.language.language = '" + lang + "'" + " and r.name = '" + ListName + "'" + " and rl.searchKey = '" + value + "'"; Query<String> q = OBDal.getInstance().getSession().createQuery(hql, String.class); |
Copyright © 2000 - 2009 MantisBT Group |