rob.atkin...@csiro.au ha scritto: > +1 > > I concur the goal is to replace sqlview store, and this is a more > comprehensive approach. > > We'll need to think carefully and set up some test cases for passing > parameters from filters against complex feature schemas into > parameters in prepared statements, and I haven't had time to look > more closely into what would be involved, but hopefully we can get > the SISS team to have a look sometime..
If you look in gt-devel there is a long discussion on why we won't be using prepared statements but plain old string substitution instead (yes, we know there risks, but there no no money on the table for the prepared statements approach, as it won't give the sponsor what they want, which is, full sql snippets injection) Cheers Andrea -- Andrea Aime OpenGeo - http://opengeo.org Expert service straight from the developers. ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
