在Orientdb的查询中本机检查参数要求
[英]Natively Check parameter requirement in Query in Orientdb
问题描述
Is it possible to natively check whether a SQL query requires a parameter(positional or named) to be injected??? 
是否可以从本地检查SQL查询是否需要注入参数(位置或名称)??? I can do it using 'regex' but was searching for some native odb API way. 我可以使用“ regex”来实现,但是正在寻找某些本机odb API方式。
Thanx 谢谢
Note : Have removed the updated comment, felt it was unethical 注意:删除了更新的评论,认为这是不道德的
1 个解决方案
解决方案1
0 已采纳 2017-10-31 08:58:23
The official answer is NO, here is no exposed API for this right now. 官方的答案是“否”,这是目前没有公开的API。
All you can do right now (v 2.2 and 3.0) is parse the SQL statement as follows: 您现在(2.2和3.0版)所能做的就是解析SQL语句,如下所示:
String statement = ....; // the SQL query
InputStream is = new ByteArrayInputStream(statement.getBytes());
OrientSql osql = new OrientSql(is);
OStatement result = osql.parse();
and check its content to find instances of OInputParameter. 并检查其内容以查找OInputParameter的实例。
PLEASE CONSIDER THAT IT'S NOT INTENDED AS A PUBLIC API, SO IT MAY CHANGE IN NEXT RELEASES. 请考虑不要将其作为公共API使用,因此可能会在下一个版本中进行更改。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.