java - setParameter For Two Or More Arguments Not Working In Jpa (Mysql Injection) -


hello guys...i looking way avoid mysql injection in jpa..and got link http://software-security.sans.org/developer-how-to/fix-sql-injection-in-java-persistence-api-jpa cool...and works fine single argument here code...

            stringbuilder getcity = new stringbuilder();             getcity.append("select ");             getcity.append(" city.* ");             getcity.append("from  ");             getcity.append(" city  ");             getcity.append("where ");             getcity.append("city.name ?1");             system.out.println(getcity.tostring());             getsearchquery=entitymanager.createnativequery(getcity.tostring(),citymodel.class).setmaxresults(1);             getsearchquery.setparameter(1,querytosearch);             city=(citymodel)getsearchquery.getsingleresult();

here other code 2 argument there..

getcity.append("select ");             getcity.append(" concat_ws('<br />',city.name,city.address) ");             getcity.append("from  ");             getcity.append("city  ");             getcity.append("where ");             getcity.append(" (city.name ");             getcity.append(" ?1 or city.address ");             getcity.append(" ?2)");             getcity.append(" , ");             getcity.append(" city.status=");             getcity.append("'"+"active"+"'");             getcity.append(" , city.type= ?3");             system.out.println(getcity.tostring());             getsearchquery=entitymanager.createnativequery(getcity.tostring());             getsearchquery.setparameter(1,querytosearch);             getsearchquery.setparameter(2,querytosearch);             getsearchquery.setparameter(3,citytype);

note:works fine in second query if put 1 like...(multiple , argument not working) , curious how ?1 in query works %type% or %type or type :)

for future users wants in jpa native query

wrong one... 

 getsearchquery.setparameter(1,querytosearch);  getsearchquery.setparameter(2,querytosearch);  getsearchquery.setparameter(3,citytype);

right one

 getsearchquery.setparameter(1,"%"+querytosearch+"%");  getsearchquery.setparameter(2,"%"+querytosearch+"%");  getsearchquery.setparameter(3,citytype);

Comments

Post a Comment

Popular posts from this blog

javascript - Using jquery append to add option values into a select element not working -

i'm looking dynamically populate select element names of items stored array. for reason it's not working , i'm not sure why. html: <div class="col-md-4 col-md-offset-4"> <select class="select1"> </select> , <select class="select2"> </select> </div> note i'm using bootstrap layout. here's jquery i'm using try , populate ".select1" jquery: select: function() { $.each(state.greens, function(index, value) { $(".select1").append("<option value =' " + index + " '>" + state.greens[index].name + "</option>"); }); } note function 'select' stored within object called 'display'. state.greens name of array i'm trying access. so @ end of html page call display.select(); call function. no error messages showing in console. also, saw question: appending
Read more

Android soft keyboard reverts to default keyboard on orientation change -

i'm building android soft keyboard , can't seem fix bug - have arabic , qwerty keyboard , when rotate device on qwerty keyboard (or arabic shift), it's if program has "restarted" , becomes arabic keyboard without shift. the onsaveinstancestate(bundle savedinstancestate) not work because application not extend activity inputmethodservice . i put following in android manifest android:configchanges="keyboard|keyboardhidden|orientation" android:windowsoftinputmode="stateunchanged|adjustresize"> i tried using @override public void onconfigurationchanged(configuration newconfig) { super.onconfigurationchanged(newconfig); log.i(mydebug, "config changed " + currentkeyboard.equals(qwerty)); } however, currentkeyboard.equals(qwerty)) results false , made sure true before orientation change. any appreciated. i think applications fault. if application restarting on orientation change
Read more

jquery - javascript onscroll fade same class but with different div -

i new @ javascript , want learn new. there wrong code : why div fades @ same time. i want ask how fade different div s same class name.can me , explain me. thanks in advance. javascript: $(window).scroll(function(){ if ($( "div.fade" ).offset().top - $(window).scrolltop() <= 100){ $('.fade').addclass( "fade-in"); } else { $('.fade').removeclass("fade-in"); } }); here jsfiddle onscroll = function () { var scrolltop = $(this).scrolltop() ; $("div.fade").each(function(){ if(($(this).offset().top - scrolltop) <= 100){ $(this).toggleclass("fade-in"); } }) }
Read more