发表新帖
发表新帖

“In” clause in anorm?

前端 未结
关注
7 873
轮回少年
轮回少年 2020-12-30 23:53

It seems no easy way to use \"in\" clause in anorm:

val ids = List(\"111\", \"222\", \"333\")
val users = SQL(\"select * from users where id in ({ids})\").on
7条回答
  • 半阙折子戏
    半阙折子戏 (楼主)
    2020-12-30 23:53

    I had the same problem recently. Unfortunately there doesn't seem to be a way without using string interpolation and thus vulnerable to SQL injection.

    What I ended up doing was kinda sanitizing it by transforming it to a list of ints and back:

    val input = "1,2,3,4,5"

// here there will be an exception if someone is trying to sql-inject you
val list = (_ids.split(",") map Integer.parseInt).toList

// re-create the "in" string
SQL("select * from foo where foo.id in (%s)" format list.mkString(","))

    0 讨论(0)
 看不清?
提交回复
热议问题