Well, I want to update an SQL query with a chunk of java code but it doesn't work. I don't know if I'm using the right way to do it.
Here my code :
String GICA_petrom_filter = "";
if (context.yoda_core_country.equals("ROU")) {
GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}
Can I use a prepared statement ? not sure if it's efficient...
First of all you should not concatenate strings like this in SQL, it is a really bad habit, this should help you https://www.baeldung.com/sql-injection
Try to use query builders, or the methods described if the article linked above
And then you're missing a space after the
AND NASSAS NOT IN (SELECT MAG FROM'"
change it to :
AND NASSAS NOT IN (SELECT MAG FROM '"
But as I said, you should not concatenate to build queries like this ;) Also try posting the errors you get in the log, when you ask a question, it helps a lot to solve your issues !
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.