Yep... Plain SQL will always work. I like the nice usage of batch.
But don't risk SQL injection vulnerabilities. Write this, instead!
String sql = "update `mission_users` set `remaining` = (@x := @x + 1)
where mission_id=? and mission_parameters_id=? order by execution
desc;";
dsl.batch(dsl.query("SET @x = 0;"),dsl.query(sql, missionId,
missionParameterId)).execute();
More info about SQL injection in this article here:
http://blog.jooq.org/2013/11/05/using-sql-injection-vulnerabilities-to-dump-your-database/
2015-01-28 15:51 GMT+01:00 Stanimir Marinov <syt...@gmail.com>:
> This is my fix:
>
>
> String sql = "update `mission_users` set `remaining` = (@x := @x + 1) where
> mission_id=" + missionId + " and mission_parameters_id=" + missionParameterId
> + " order by execution desc;";
> dsl.batch(dsl.query("SET @x = 0;"),dsl.query(sql)).execute();
>
> --
> You received this message because you are subscribed to the Google Groups
> "jOOQ User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jooq-user+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups "jOOQ
User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jooq-user+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
