Hi Lukas, You're right. It works out of the box as you describe - nothing special needed. I think I was looking at the inlined version instead of the indexed version of the query. Thanks for the quick response.
On Monday, September 29, 2014 1:02:43 PM UTC-7, Lukas Eder wrote: > > Hi Vijay, > > Did you try the example you've listed? It works just like you thought: > > dslContext.select(aField).from(someTable).where(nameField.in(names)); > > > This will indeed generate as many bind variables as you pass in names. > > In the future, we'll also provide means to circumvent too many hard-parses > because of differing SQL statements, but in terms of SQL injection safety, > you're always on the safe side with jOOQ, as jOOQ will always generate bind > values per default. > > Hope this helps, > Lukas > > 2014-09-29 20:44 GMT+02:00 Vijay Ganesan <[email protected] > <javascript:>>: > >> >> Consider a query such as: >> dslContext.select(aField).from(someTable).where(nameField.eq(name)); >> where name is a String. >> This translates to this parameterized query: >> select aField from someTable where nameField = ?; >> >> How do you achieve the same type of parameterization with an in-list such >> as: >> dslContext.select(aField).from(someTable).where(nameField.in(names)); >> where names is a List of Strings. >> I expect this to translate to: >> select aField from someTable where nameField in (?, ?, .... ?) >> where there are as many '?' as there are names. >> >> Is there a way to achieve this? If not, what is the alternative to guard >> against SQL injections? >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "jOOQ User Group" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "jOOQ User Group" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
