How to pass an indefinite amount of parameters to an sql query? #51

Open
cheprus opened this issue Mar 23, 2022 · 1 comment

cheprus commented Mar 23, 2022

Hi there,
Is there a right way to pass a list of parameters to an SQL query?

```sql
select * from table where id in ( 'a', 'list', 'of', 'ids' )
```

Now I prepare a variable as a String, but it looks insecure.

```kotlin
// idList is a pre-built String that is interpolated directly into the SQL text
val query = """ select * from table where id in ( ${idList} ) """.trimMargin()
val l = kotliquery.queryOf(query).map(toMyObject).asList
session.run(l)
```

seratch (Owner) commented Apr 3, 2022

This library does not support any builders for safely constructing an in-clause. You can go with the way that you mentioned. I would suggest accepting only ID values, not arbitrary values passed by the method caller.
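
Added example, not from the issue thread or the kotliquery project: one way to keep ID values out of the SQL text is to generate one `?` placeholder per ID and bind the IDs through `queryOf`'s vararg parameters. The helper `selectByIds`, the `items` table and the H2 in-memory URL are assumptions made for illustration.

```kotlin
import kotliquery.Query
import kotliquery.queryOf
import kotliquery.sessionOf

// Hypothetical helper (not part of kotliquery): builds "id in (?, ?, ...)" with one
// placeholder per value and binds the values as parameters, so no ID text is ever
// concatenated into the SQL string.
fun selectByIds(ids: List<String>): Query {
    // "in ()" is a syntax error in most databases; the caller must handle the empty case.
    require(ids.isNotEmpty()) { "ids must not be empty" }
    // Only "?" characters, derived from ids.size, are interpolated into the statement.
    val placeholders = ids.joinToString(", ") { "?" }
    return queryOf(
        "select id, name from items where id in ($placeholders)",
        *ids.toTypedArray()
    )
}

fun main() {
    // Constructed sample data in an in-memory H2 database
    // (assumes the H2 JDBC driver is on the classpath).
    val session = sessionOf("jdbc:h2:mem:inclause", "user", "pass")
    try {
        session.run(
            queryOf("create table items (id varchar(64) primary key, name varchar(64))").asExecute
        )
        for ((id, name) in listOf("a" to "first", "b" to "second", "c" to "third")) {
            session.run(queryOf("insert into items (id, name) values (?, ?)", id, name).asUpdate)
        }

        // The second value is a constructed string containing quote characters.
        // Bound as a parameter, it is compared as a literal ID and matches no row.
        val ids = listOf("a", "x') or ('1'='1", "c")
        val names = session.run(selectByIds(ids).map { row -> row.string("name") }.asList)
        println(names)
    } finally {
        session.close()
    }
}
```

Databases and drivers cap the number of bind parameters per statement, so a very long ID list needs to be split into batches before calling the helper.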
