Dynamically creating a WHERE clause from a user Search criteria

Question

Dynamically creating a WHERE clause from a user Search criteria

I, as I am sure, have a fairly common problem, and I do not want to reinvent the wheel. I have a search form in which users can specify search criteria and type of search (AND OR Ext ..).

The form passes back the identifier associated with the column names and values. I am currently using server-side Java to glue strings into a where clause. It works in some cases, but it is clumsy, error prone and will not scale well.

Any suggestions?

Thanks,

David

+5

java sql

David hamilton Sep 11 '09 at 13:44

source share

7 answers

KLE · Answer 1 · 2009-09-11T13:55:53+0000

ORM ( Hibernate), API : (, ) .

SQL , . , , Hibernate Criteria?

- (, AND OR, ...), , , .

.

reinierpost · Answer 2 · 2009-09-11T14:09:43+0000

? , .

, .

, . -, , , .

simon · Answer 3 · 2009-09-11T13:48:53+0000

, . , , (), . Searcher, .

Massimiliano Fliri · Answer 4 · 2009-09-11T14:01:57+0000

Hibernate API- Criteria, , , sql.

, Lucene Hibernate Search, . , .

David Hamilton · Answer 5 · 2009-09-11T15:06:28+0000

, API , . , " ", .

: Squiggle-sql: http://code.google.com/p/squiggle-sql/

:

Squiggle - Java SQL SELECT. , , . , . .

Rajat · Answer 6 · 2009-09-11T15:58:00+0000

Hibernate ORM, api. / .

jdbc, , , , ,

* from trans userid =?

, ,
!= null, ' > ? '

, , , .

Mayo · Answer 7 · 2009-09-11T16:06:55+0000

" SQL Server 2005 Development" 7 SQL. , , . - , , SQL.

It is specific to SQL Server, but I believe that its general approach (huge, where the sentence or if / then SQL vs. dynamic) can be applied in all directions.

EDIT: I think it's worth adding ... never trust customer input, always parameterize your input before using it in SQL.

Dynamically creating a WHERE clause from a user Search criteria

More articles: