Hi Timo,
To get it to work with xsd:string's (without datatype and language) the first
param passed to the bif function should be 3, the second the string value and
the third a null value ...
The "bif:__rdf_long_from_batch_params" was originally created for use with
INSERT & DELETE queries, but should equally work with SELECT queries. Its use
in the Virtuoso Sesame provider can be seen in the following method in
~/binsrc/sesame2/virtuoso_driver/VirtuosoRepositoryConnection.java of the open
source archive:
private void bindValue(PreparedStatement ps, int col, Value n) throws
SQLException {
if (n == null)
return;
if (n instanceof URI) {
ps.setInt(col, 1);
ps.setString(col+1, n.stringValue());
ps.setNull(col+2, java.sql.Types.VARCHAR);
}
else if (n instanceof BNode) {
ps.setInt(col, 1);
ps.setString(col+1, "_:"+((BNode)n).getID());
ps.setNull(col+2, java.sql.Types.VARCHAR);
}
else if (n instanceof Literal) {
Literal lit = (Literal) n;
if (lit.getLanguage() != null) {
ps.setInt(col, 5);
ps.setString(col+1, lit.stringValue());
ps.setString(col+2, lit.getLanguage());
}
else if (lit.getDatatype() != null) {
ps.setInt(col, 4);
ps.setString(col+1, lit.stringValue());
ps.setString(col+2,
lit.getDatatype().toString());
}
else {
ps.setInt(col, 3);
ps.setString(col+1, n.stringValue());
ps.setNull(col+2, java.sql.Types.VARCHAR);
}
}
else {
ps.setInt(col, 3);
ps.setString(col+1, n.stringValue());
ps.setNull(col+2, java.sql.Types.VARCHAR);
}
}
Resulting in the following being passed to
`bif:__rdf_long_from_batch_params(??,??,??)`:
1) value is URI
1-param(int) = 1
2-param(string) = value.stringValue()
3-param(string) = NULL
2) value is BNODE
1-param(int) = 1
2-param(string) = "_:"+((BNode)value).getID()
3-param(string) = NULL
3) value is Literal with Language!=NULL
1-param(int) = 5
2-param(string) = lit.stringValue()
3-param(string) = lit.getLanguage()
4) value is Literal with Datatype!=NULL
1-param(int) = 4
2-param(string) = lit.stringValue()
3-param(string) = lit.getDatatype().toString()
5) value is Literal with Datatype==NULL&& Language==NULL
1-param(int) = 3
2-param(string) = lit.stringValue()
3-param(string) = NULL
6) value is any value exclude above
1-param(int) = 3
2-param(string) = value.stringValue()
3-param(string) = NULL
Thus for a string value (without datatype and language) you would pass:
1-param(int) = 3
2-param(string) = value.stringValue()
3-param(string) = NULL
Best Regards
Hugh Williams
Professional Services
OpenLink Software
Web: http://www.openlinksw.com
Support: http://support.openlinksw.com
Forums: http://boards.openlinksw.com/support
Twitter: http://twitter.com/OpenLink
On 13 Dec 2010, at 16:00, Timo Westkämper wrote:
> Hi.
>
> I am trying to use prepared statements together with SPARQL SELECT
> queries, but I am struggling to get literal queries right.
>
> I am using the function bif:__rdf_long_from_batch_params(??,??,??) and
> the same bind logic as in the Sesame 3 adapter, but for certain literals
> it fails.
>
> The template is something like this
>
> sparql select * where { graph ?g { `iri(??)` `iri(??)`
> `bif:__rdf_long_from_batch_params(??,??,??)` }}
>
> I got it working for resources, blank nodes and integer typed literals
> as objects, but it failed for xsd:string literals.
>
> Any known issues with this?
>
> I don't want to construct SPARQL queries with String concatenation, as
> this enables code injection attacks etc without proper escaping.
>
> Br,
> Timo Westkämper
>
> ------------------------------------------------------------------------------
> Oracle to DB2 Conversion Guide: Learn learn about native support for PL/SQL,
> new data types, scalar functions, improved concurrency, built-in packages,
> OCI, SQL*Plus, data movement tools, best practices and more.
> http://p.sf.net/sfu/oracle-sfdev2dev
> _______________________________________________
> Virtuoso-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/virtuoso-users
