Remy Maucherat wrote:
>
> > Hi all,
> >
> > As suggested, I've converted JDBCDescriptorsStore to using prepared
> > statements so as to have the neccesary escaping done for us. I haven't
> > tested it yet, though.
>
> Great !
>
> > I intend to finish off the conversion and test on friday, then commit.
> > If anyone wants to speak against this, please do so and I'll hold off.
>
> I'm definitely +1 for this.
>
ok. Well, it's mostly working now, but I'm not sure it's completely
reliable just yet. It seems to be, though.
The problem I'm looking at right now is retrieveRevisionDescriptor() in
the store being called with a null revisioNumber. I'm not sure what the
right thing to do in this situation is. I'm going to try just checking
for this at the start of the method, and throwing a
RevisionDescriptorNotFoundException if it's null (this seems
reasonable),
but I'm not sure whether that's the right thing. I suspect that this was
previously hidden behind java's automatic-stringification magic.
(update after testing: this works, but I'm still not sure if it's
'correct')
OK, should be committed in a few minutes. Please, everybody that uses
the current JDBCDescriptorsStore, TEST!
Michael
