Comments (9)
moderakh
commented on August 29, 2024
@zhouchong90 for IN (...) clause please try to avoid Parametrizing the query. Please just pass the query string without any parametrization.
from azure-cosmosdb-java.
zhouchong90
commented on August 29, 2024
Will it be suspect to SQL injections and attacks?
from azure-cosmosdb-java.
moderakh
commented on August 29, 2024
@zhouchong90
You can try something like this:
String query = "SELECT * from c where c.prop IN (@param1, @param2)";
SqlParameterCollection params = new SqlParameterCollection(new SqlParameter("@param1", 98), new SqlParameter("@param2", 99));
SqlQuerySpec sqs = new SqlQuerySpec(query, params);from azure-cosmosdb-java.
zhouchong90
commented on August 29, 2024
@moderakh Thanks. Will there be any built-in support to take a list directly? Since I'll have a list of thousands of values and it'll be ugly to write a dynamically generate sql and put the values.
from azure-cosmosdb-java.
mohitgoyal91
commented on August 29, 2024
@zhouchong90 We have a simple library, where you can generate queries more effectively.
https://github.com/mohitgoyal91/azure-cosmosdb-querybuilder-java
For example in your case for query -> "SELECT * from c where c.prop IN (@param1, @Param2)"
Assuming you have a
List<Integer> list = new ArrayList<>();
list.add(98); list.add(99);Simply call the below function:
new SelectQuery()
.in("prop", list.toArray())
.createQuery();from azure-cosmosdb-java.
christopheranderson
commented on August 29, 2024
Cleaning up older issues.
No plans on support parameterized lists directly any time soon. Following Mohit's pattern makes sense and something we could potentially support ourselves in the future, but not a priority at the moment.
from azure-cosmosdb-java.
kmansel
commented on August 29, 2024
For node SDK based applications, I found that this way works as well.
sqlQuery: SqlQuerySpec = {
query: 'SELECT * FROM t WHERE ARRAY_CONTAINS(@idList, t.id)',
parameters: [
{
name: '@idList',
value: ['id1','id2','id3'],
},
],
};
from azure-cosmosdb-java.
MrBuddyCasino
commented on August 29, 2024
Just found this issue, absolutely perplexed that this is just silently not supported. Its not like the client libs are still 1.x early days. Combined with the fact that it is not possible to log the outgoing SQL queries, this just cost me several hours.
from azure-cosmosdb-java.
viswa-optimusprime
commented on August 29, 2024
@ALL is this fixed ? What is the solution ? We really need this feature to pass list for in clause.. Can someone tell us the solution ?
from azure-cosmosdb-java.
Related Issues (20)
- In flight http request during failover not moving to other available region
- storePhysicalAddress is null - V2 Java Async SDK HOT 2
- Reliable connection configuration for Azure functions consumption plan HOT 1
- Bump to >2.4.0 yields DocumentClientException/ Request url is invalid. HOT 1
- QueryPlan should be a read request
- Add support of getDuration for Queries in Cosmos Diagnostics - V4 Java Cosmos SDK HOT 1
- FR Add an option to SQL API @Container to set auto scaling = true
- Duplicate results when DISTINCT querying
- "sortedRanges" exception when querying Unique Key IN list HOT 1
- I'm not able to see which branch is for latest version of V3 version (3.7.5) HOT 6
- Connection leak with Cosmos DB client SDK HOT 2
- Getting 404 even though cosmos has document
- Netty issue while using azure cosmos in android
- ETag Check in Cosmos SDK V4 batch
- Including "uri" in the Diagnostic logs
- 同学,您这个项目引入了119个开源组件,存在41个漏洞,辛苦升级一下
- Fail to reach global gateway HOT 1
- This repo is missing important files
- Direct Connectivity Issue from VNET SpringApps to CosmosDB HOT 2
- Java SDK not returning cumulative RU for operations with retries HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-cosmosdb-java.