Project:
| View Revisions: Issue #38136 | [ All Revisions ] [ Back to Issue ] | ||
| Summary | 0038136: Tracking issue: Find & Fix queries not using bind-params but embedding values into query string | ||
| Revision | 2018-03-14 16:26 by shuehner | ||
| Description | Queries should separate query text from data values which is done using bind-parameters. That is important to 3 reasons: a.) Avoid SQL/HQL injections b.) Not have 'different SQL text' for same query but different values b.1) To efficient utilize hibernate cache b.2) Inefficient use of oracle query cache as not using bind variables make 'same query' show up with many times with different query cache. This issue is to link the various individual issues to fix the concrete cases found. |
||
| Revision | 2018-03-14 16:15 by shuehner | ||
| Description | Queries should separate query text from data values which is done using bind-parameters. That is important to 3 reasons: a.) Avoid SQL/HQL injections b.) Not have 'different SQL text' for same query but different values b.1) To efficient utilize hibernate cache b.2) This issue is to link the various individual issues to fix the concrete cases found. |
||
| Copyright © 2000 - 2009 MantisBT Group |
 |