public class SqlBuilder
extends java.lang.Object
StringBuilder
for the purposes of creating SQL queries
and expressions.
Using this class helps to prevent SQL injection attacks, incorrectly quoted identifiers and strings. These problems occur when you build SQL by concatenating strings, and you forget to treat identifers and string literals correctly. SqlBuilder has special methods for appending identifiers and literals.
Modifier and Type | Field and Description |
---|---|
private java.lang.StringBuilder |
buf |
private SqlDialect |
dialect |
Constructor and Description |
---|
SqlBuilder(SqlDialect dialect)
Creates a SqlBuilder.
|
SqlBuilder(SqlDialect dialect,
java.lang.String s)
Creates a SqlBuilder with a given string.
|
Modifier and Type | Method and Description |
---|---|
SqlBuilder |
append(char c)
Appends a character, without any quoting.
|
SqlBuilder |
append(long n)
Appends a number, per
StringBuilder.append(long) . |
SqlBuilder |
append(SqlString s)
Appends a hygienic SQL string.
|
SqlBuilder |
append(java.lang.String s)
Appends a string, without any quoting.
|
void |
clear()
Clears the contents of the buffer.
|
SqlDialect |
getDialect()
Returns the dialect.
|
java.lang.String |
getSql()
Returns the SQL.
|
java.lang.String |
getSqlAndClear()
Returns the SQL and clears the buffer.
|
SqlBuilder |
identifier(java.util.List<java.lang.String> names)
Appends a compound identifier to this buffer, quoting accordingly.
|
SqlBuilder |
identifier(java.lang.String... names)
Appends one or more identifiers to this buffer, quoting accordingly.
|
SqlBuilder |
identifier(java.lang.String name)
Appends an identifier to this buffer, quoting accordingly.
|
int |
indexOf(java.lang.String str)
Returns the index within this string of the first occurrence of the
specified substring.
|
int |
indexOf(java.lang.String str,
int fromIndex)
Returns the index within this string of the first occurrence of the
specified substring, starting at the specified index.
|
SqlBuilder |
insert(int offset,
java.lang.String str)
Inserts the string into this character sequence.
|
int |
length()
Returns the length (character count).
|
SqlBuilder |
literal(java.lang.String s)
Appends a string literal to this buffer.
|
SqlBuilder |
literal(java.sql.Timestamp timestamp)
Appends a timestamp literal to this buffer.
|
SqlString |
toSqlString()
Returns the contents of this SQL buffer as a 'certified kocher' SQL
string.
|
java.lang.String |
toString() |
private final java.lang.StringBuilder buf
private final SqlDialect dialect
public SqlBuilder(SqlDialect dialect)
dialect
- Dialectpublic SqlBuilder(SqlDialect dialect, java.lang.String s)
dialect
- Dialects
- Initial contents of the bufferpublic SqlDialect getDialect()
public int length()
public void clear()
public java.lang.String toString()
Returns the SQL string.
toString
in class java.lang.Object
getSql()
public java.lang.String getSql()
public java.lang.String getSqlAndClear()
Convenient if you are reusing the same SQL builder in a loop.
public SqlBuilder append(SqlString s)
s
- SQL string to appendpublic SqlBuilder append(java.lang.String s)
Calls to this method are dubious.
s
- String to appendpublic SqlBuilder append(char c)
c
- Character to appendpublic SqlBuilder append(long n)
StringBuilder.append(long)
.public SqlBuilder identifier(java.lang.String name)
name
- Identifierpublic SqlBuilder identifier(java.lang.String... names)
names
- Varargs array of identifierspublic SqlBuilder identifier(java.util.List<java.lang.String> names)
names
- Parts of a compound identifierpublic SqlString toSqlString()
Use this method in preference to toString()
. It indicates
that the SQL string has been constructed using good hygiene, and is
therefore less likely to contain SQL injection or badly quoted
identifiers or strings.
public SqlBuilder literal(java.lang.String s)
For example, calling literal("can't")
would convert the buffer
SELECT
to
SELECT 'can''t'
s
- String to appendpublic SqlBuilder literal(java.sql.Timestamp timestamp)
timestamp
- Timestamp to appendpublic int indexOf(java.lang.String str)
StringBuilder.indexOf(String)
public int indexOf(java.lang.String str, int fromIndex)
StringBuilder.indexOf(String, int)
public SqlBuilder insert(int offset, java.lang.String str)
StringBuilder.insert(int, String)
Copyright © 2012–2019 The Apache Software Foundation. All rights reserved.