Hibernate supports named parameters in its HQL queries. A named parameter is bound to the query after the HQL text has been parsed, so user-supplied input is always handled as a value and can never change the structure of the statement. This is what makes HQL queries that accept user input easy to write safely: you do not have to defend against SQL injection yourself, as long as the input reaches the query through setParameter() and is never concatenated into the query string. Following is the simple syntax of using named parameters:
// :employee_id is a placeholder; its value is supplied separately and never parsed as HQL
String hql = "FROM Employee E WHERE E.id = :employee_id";
Query query = session.createQuery(hql);
query.setParameter("employee_id", 10);   // bind the value by parameter name
List results = query.list();
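The following is an added example, not code from the original tutorial, that puts the unsafe string-concatenation form of the same lookup next to the named-parameter form, and shows the one case binding does not cover. It assumes an Employee entity with a String field name and an int field salary, an already-open Hibernate 5.2+ Session (typed createQuery and getResultList), and Java 9+ for Set.of; the method names, the PAYLOAD string and the allowlist are illustrative choices.

```java
import java.util.List;
import java.util.Set;

import org.hibernate.Session;
import org.hibernate.query.Query;

/**
 * Added example (not from the original tutorial). Assumes an Employee entity
 * with fields "name" (String) and "salary" (int) and an open Hibernate Session.
 */
public class EmployeeQueries {

    // A value an attacker might type into a login or search form. Constructed for illustration.
    public static final String PAYLOAD = "' OR '1'='1";

    // UNSAFE: the input is spliced into the HQL text. With PAYLOAD the query becomes
    //   FROM Employee E WHERE E.name = '' OR '1'='1'
    // which the HQL parser accepts and which returns every Employee row.
    public static List<Employee> findByNameUnsafe(Session session, String name) {
        String hql = "FROM Employee E WHERE E.name = '" + name + "'";
        return session.createQuery(hql, Employee.class).getResultList();
    }

    // SAFE: the same lookup with a named parameter. The HQL is parsed first and the
    // value is bound afterwards, so PAYLOAD is compared literally against E.name
    // (no employee is called "' OR '1'='1") and the result is empty.
    public static List<Employee> findByName(Session session, String name) {
        String hql = "FROM Employee E WHERE E.name = :name";
        Query<Employee> query = session.createQuery(hql, Employee.class);
        query.setParameter("name", name);
        return query.getResultList();
    }

    // Caveat: binding only works for values. An identifier such as a user-chosen sort
    // column cannot be a parameter, so it has to be validated against a fixed
    // allowlist before it is put into the query text. The allowlist is an assumption
    // of this example.
    private static final Set<String> SORTABLE = Set.of("name", "salary");

    public static List<Employee> findPaidMoreThan(Session session, int minSalary, String sortBy) {
        if (!SORTABLE.contains(sortBy)) {
            throw new IllegalArgumentException("unsupported sort column: " + sortBy);
        }
        // :min is bound; sortBy is concatenated only after the allowlist check above
        String hql = "FROM Employee E WHERE E.salary > :min ORDER BY E." + sortBy;
        return session.createQuery(hql, Employee.class)
                      .setParameter("min", minSalary)
                      .getResultList();
    }
}
```

Calling findByNameUnsafe(session, EmployeeQueries.PAYLOAD) returns the whole Employee table, while findByName(session, EmployeeQueries.PAYLOAD) returns an empty list; the difference is entirely in whether the input is part of the parsed query text or bound to it afterwards. The third method is the reminder that setParameter() is the right tool for values only: anything that names a column, table or entity still needs an explicit allowlist.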