Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Revisions: Issue #40578 All Revisions ] Back to Issue ]
Summary 0040578: Utility.getListValueName is not using bind-parameters
Revision 2019-04-10 12:33 by shuehner
Description This code is not using bind-params:

    String hql = " select rlt.name as name " + " from ADReference r, " + " ADList rl,"
        + " ADListTrl rlt" + " where rl.reference = r" + " and rlt.listReference = rl"
        + " and rlt.language.language = '" + lang + "'" + " and r.name = '" + ListName + "'"
        + " and rl.searchKey = '" + value + "'";
    Query<String> q = OBDal.getInstance().getSession().createQuery(hql, String.class);


same method later:

    hql = " select rl.name " + " from ADReference r, " + " ADList rl"
        + " where rl.reference = r" + " and r.name = '" + ListName + "'"
        + " and rl.searchKey = '" + value + "'";
    q = OBDal.getInstance().getSession().createQuery(hql, String.class);
Revision 2019-04-10 12:32 by shuehner
Description This code is not using bind-params:

    String hql = " select rlt.name as name " + " from ADReference r, " + " ADList rl,"
        + " ADListTrl rlt" + " where rl.reference = r" + " and rlt.listReference = rl"
        + " and rlt.language.language = '" + lang + "'" + " and r.name = '" + ListName + "'"
        + " and rl.searchKey = '" + value + "'";
    Query<String> q = OBDal.getInstance().getSession().createQuery(hql, String.class);

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker