Java 绑定本机查询错误。日食(JPA2.1)
将变量绑定到本机查询时出错。日食(JPA2.1) 内部异常:org.postgresql.util.PSQLException:错误:“$1”处或附近的语法错误 职位:12 错误代码:0 线程“AWT-EventQueue-0”javax.persistence.PersistenceException:异常[EclipseLink-4002](Eclipse持久性服务-2.5.2.v20140319-9ad6abd):org.Eclipse.persistence.exceptions.DatabaseException 呼叫:改变角色?使用加密密码“xxx” 绑定=>[1参数绑定] 查询:DataModifyQuery(sql=“ALTER ROLE”和加密密码“xxx”) 内部异常:org.postgresql.util.PSQLException:错误:“$1”处或附近的语法错误 职位:12 错误代码:0Java 绑定本机查询错误。日食(JPA2.1),java,postgresql,jpa,eclipselink,hibernate-native-query,Java,Postgresql,Jpa,Eclipselink,Hibernate Native Query,将变量绑定到本机查询时出错。日食(JPA2.1) 内部异常:org.postgresql.util.PSQLException:错误:“$1”处或附近的语法错误 职位:12 错误代码:0 线程“AWT-EventQueue-0”javax.persistence.PersistenceException:异常[EclipseLink-4002](Eclipse持久性服务-2.5.2.v20140319-9ad6abd):org.Eclipse.persistence.exceptions.Dat
呼叫:改变角色?使用加密密码“xxx”无法在此查询中参数化用户名和密码。另一种方法是编写存储函数并调用该函数。我在网上找到的一个商店功能可以根据您的需要进行修改,它是:
CREATE OR REPLACE FUNCTION save_user(
in_username text,
in_password TEXT) returns bool
SET datestyle = 'ISO, YMD' -- needed due to legacy code regarding datestyles
AS $$
DECLARE
stmt text;
t_is_role bool;
BEGIN
-- WARNING TO PROGRAMMERS: This function runs as the definer and runs
-- utility statements via EXECUTE.
-- PLEASE BE VERY CAREFUL ABOUT SQL-INJECTION INSIDE THIS FUNCTION.
PERFORM rolname FROM pg_roles WHERE rolname = in_username;
t_is_role := found;
IF t_is_role is true and t_is_user is false and in_pls_import is false THEN
RAISE EXCEPTION 'Duplicate user';
END IF;
if t_is_role and in_password is not null then
execute 'ALTER USER ' || quote_ident( in_username ) ||
' WITH ENCRYPTED PASSWORD ' || quote_literal (in_password)
|| $e$ valid until $e$ ||
quote_literal(now() + '1 day'::interval);
elsif t_is_role is false THEN
-- create an actual user
execute 'CREATE USER ' || quote_ident( in_username ) ||
' WITH ENCRYPTED PASSWORD ' || quote_literal (in_password)
|| $e$ valid until $e$ || quote_literal(now() + '1 day'::interval);
END IF;
return true;
END;
$$ language 'plpgsql' SECURITY DEFINER;
无法在此查询中参数化用户名和密码。另一种方法是编写存储函数并调用该函数。我在网上找到的一个商店功能可以根据您的需要进行修改,它是:
CREATE OR REPLACE FUNCTION save_user(
in_username text,
in_password TEXT) returns bool
SET datestyle = 'ISO, YMD' -- needed due to legacy code regarding datestyles
AS $$
DECLARE
stmt text;
t_is_role bool;
BEGIN
-- WARNING TO PROGRAMMERS: This function runs as the definer and runs
-- utility statements via EXECUTE.
-- PLEASE BE VERY CAREFUL ABOUT SQL-INJECTION INSIDE THIS FUNCTION.
PERFORM rolname FROM pg_roles WHERE rolname = in_username;
t_is_role := found;
IF t_is_role is true and t_is_user is false and in_pls_import is false THEN
RAISE EXCEPTION 'Duplicate user';
END IF;
if t_is_role and in_password is not null then
execute 'ALTER USER ' || quote_ident( in_username ) ||
' WITH ENCRYPTED PASSWORD ' || quote_literal (in_password)
|| $e$ valid until $e$ ||
quote_literal(now() + '1 day'::interval);
elsif t_is_role is false THEN
-- create an actual user
execute 'CREATE USER ' || quote_ident( in_username ) ||
' WITH ENCRYPTED PASSWORD ' || quote_literal (in_password)
|| $e$ valid until $e$ || quote_literal(now() + '1 day'::interval);
END IF;
return true;
END;
$$ language 'plpgsql' SECURITY DEFINER;
JDBC中的general是纯的“?”,没有“1”,如果这是一个问题,anser说“可能是”。结果是什么?不起作用:String sql=“ALTER ROLE?WITH ENCRYPTED PASSWORD'xxx'”如果这是JDBC驱动程序基本上说您不能在sql的这一部分中放置参数,我不会感到惊讶。许多人不允许SELECT子句或FROM子句中的参数,例如JDBC中的General是纯'?',没有'1',如果这是问题,anser“可能是”。结果是什么?不起作用:String sql=“ALTER ROLE?WITH ENCRYPTED PASSWORD'xxx'”如果这是JDBC驱动程序基本上说您不能在sql的这一部分中放置参数,我不会感到惊讶。许多人不允许在SELECT子句中使用参数,例如FROM子句