I’m testing my ignite cache, inserting a simple User in the cache and then through a query I get the User entered previously returned I have a problem writing the query. I noticed that writing like this:
@Test
@EnableStreamCacheTestUtil(caches = {@Cache(name = "User", queryEntity = {@QueryEntity(tableName = "USER", keyClass = String.class, valueClass = User.class)})})
public void Test_expected_Ok() throws Exception {
Ignite ignite = Ignition.ignite();
UsersRequest usersRequest = new UsersRequest();
usersRequest.setName(TestCostants.NAME);
IgniteCache<String, User> igniteCache = ignite.cache("User");
User user = new User("Ennio","Ragno",90")
igniteCache.put("1", user);
SqlFieldsQuery sql = new SqlFieldsQuery("SELECT * " +
" FROM USER WHERE NAME ='ENNIO'");
int counter = 0;
List<List<?>> cursor = igniteCache.query(sql).getAll();
// try(QueryCursor<List<?>> cursor = igniteCache.query(sql)) {
for (List<?> row : cursor) {
log.info("SQLQUeryresult:{}", row);
counter++;
}
Assertions.assertEquals(1,counter);
}
}
The test works fine, but if I write the query like this
//Clearly in the constant that there is the value "ENNIO"
UsersRequest usersRequest = new UsersRequest();
usersRequest.setName(TestCostants.NAME);
//some code
SqlFieldsQuery sql = new SqlFieldsQuery("SELECT * " +
" FROM USER WHERE NAME = "+usersRequest.getName());
Now it doesn’t work anymore. This is my first time trying to use queries and caches, but technically, shouldn’t it be the same?Is there a different way to write the query when passing parameters like this?
Advertisement
Answer
The correct way is to use parameter substitution, avoid SQL injection and other troubles:
//Clearly in the constant that there is the value "ENNIO"
UsersRequest usersRequest = new UsersRequest();
usersRequest.setName(TestCostants.NAME);
//some code
SqlFieldsQuery sql = new SqlFieldsQuery("SELECT * " +
" FROM USER WHERE NAME = ?").setArgs(usersRequest.getName());