在Scala中的变量上调用字符串插值器 [英] Calling a string interpolator on a variable in Scala
问题描述
我正在为Scala中的类编写一些数据库查询帮助器方法.
I am writing some database query helper methods for my classes in Scala.
此select
方法旨在从产品"表中删除某些列,这些列指定为所需列的逗号分隔列表(字符串).
This select
method is intended to pluck certain columns from the Product table, specified as a comma-seperated list (String) of the desired columns.
我希望能够这样称呼它:Product.select("id, title")
I want to be able to call it like this: Product.select("id, title")
以下代码不起作用:
def select(columns: String) = { DB.readOnly{ implicit session =>
sql"select ${columns} from $sqlTable limit 1000".map(row => Product(row)).list.apply()
}}
但是此代码(仅用于说明目的)确实有效
But this code (for illustration purposes only) does
def select(columns: String) = { DB.readOnly{ implicit session =>
var x = sqls"id, title, description, available_online"
sql"select ${x} from $sqlTable limit 1000".map(row => Product(row)).list.apply()
}}
现在,显然我不想将列硬编码到该方法中,但是我想使用columns
参数字符串来完成此操作(希望您能抓住我的麻烦).如何在列字符串上应用sqls
插值器?
Now, obviously I don't want to hard code columns into the method, but i want to do this with the columns
parameter string (I hope you catch my drift). How can I apply the sqls
interpolator on the columns string?
类似于var x = sqls(columns)
此处,您可以在sqls
和sql
插值器上找到更多信息
Here you can find more info on the sqls
and sql
interpolators
如果您需要更多信息,请发表评论,感谢您的反馈.
Please comment if you require more information and I'd appreciate your feedback.
推荐答案
您可以改用SQLSyntax#createUnsafely
.
This is a dangerous API. I know you're aware of SQL injection vulnerability so much.
这篇关于在Scala中的变量上调用字符串插值器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!