org.xerial.db.sql
Class SQLExpression
java.lang.Object
org.xerial.db.sql.SQLExpression
public class SQLExpression
- extends Object
SQLExpression is a template that has several variables $1, $2, ... etc. A
user can assign arbitrary values into an SQLExpression.
String assignedSQL = SQLExpression.assignTo("select * from $1", "t1");
// assignedSQL will be "select * from t1"
- Author:
- leo
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SQLExpression
public SQLExpression(String sql)
- Parameters:
sql - sql expression template
assign
public String assign(Object... arguments)
throws DBException
- assign values given as arguments to variables $1, $2, ...
- Parameters:
arguments - string values to replace variables
- Returns:
- an SQL expression in which variables $1, $2, ... are replaced
with arguments
- Throws:
DBException
sanitize
public static String sanitize(String input,
SQLExpression.Quote contextQuotation)
throws DBException
- unquote the input value and remove any maricious statement to avoid SQL
injection.
- Parameters:
input - contextQuotation - quotation type where input string is contained.
- Returns:
-
- Throws:
DBException - when the input value has invalid quotation
fillTemplate
public static String fillTemplate(String sqlTemplate,
Object... arguments)
throws DBException
- assign values to the given SQL template
- Parameters:
sqlTemplate - SQL expressionarguments - assign values
- Returns:
- sql expression in which variables are replaced with values
- Throws:
DBException - when input values have invalid quotations
This work is licensed under a Creative Commons Attribution-ShareAlike 2.1 Japan License.