At the moment I only know that you can do this in JPA
SELECT art_bezeichnung FROM table WHERE art_nr = :parameter
.setParameter("parameter", "H03")
But can you also add a whole where clause via a parameter
SELECT art_bezeichnung FROM table :parameter
.setParameter("parameter", "WHERE art_nr = H03")
I searched the Internet for it, but couldn´t find a clear answer.
CodePudding user response:
That's not possible because of possible SQL-Injection.
Use a if statement instead:
if (Parameter is set) add where to SQL Statement and Parameter.
CodePudding user response:
Trait information before setting it in the setParameters()
You should work in layers, and filter the data with some switch statement, also, you can wrapp on a try/catch statement, to get the null condition controled