I have a sequence created using flyway in postgres which should start from 10000.
I want to get the next value of the sequence using JPA and not a native query , since i have different db platforms being run at different cloud providers.
I'm not able to find a JPA query to get the next value of a sequence, please redirect me to the right page if i am missing something already ..
Thanks for any help in that area though already!
P.S : I found this link which helps me doing the same with native query.
postgresql sequence nextval in schema
I don't think this is possible in a direct way.
JPA doesn't know about sequences.
Only the implementation knows about those and utilizes them to create ids.
I see the following options to get it to work anyway:
create a view in the database with a single row and a single column containing the next value. You can query that with native SQL which should be the same for all databases since it is a trivial select.
Create a dummy entity using the sequence for id generation, save a new instance and let JPA populate the id.
A horrible workaround but pure JPA.
Bite the bullet and create a simple class that provides the correct native SQL statement to use for the current environment and execute it via JdbcTemplate.
Related
PostgreSQL has excellent support for evaluating JSONPath expressions against JSON data.
For example, this query returns true because the value of the nested field is indeed "foo".
select '{"header": {"nested": "foo"}}'::jsonb #? '$.header ? (#.nested == "foo")'
Notably this query does not reference any schemas or tables. Ideally, I would like to use this functionality of PostgreSQL without creating or connecting to a full database instance. Is it possible to run PostgreSQL in such a way that it doesn't have schemas or tables, but is still able to evaluate "standalone" queries?
Some other context on the project, we need to evaluate JSONPath expressions against JSON data in both a Postgres database and Python application. Unfortunately, Python does not have any JSONPath libraries that support enough of the spec to be useful to us.
Ideally, I would like to use this functionality of PostgreSQL without creating or connecting to a full database instance.
Well, it is open source. You can always pull out the source code for this functionality you want and adapt it to compile by itself. But that seems like a large and annoying undertaking, and I probably wouldn't do it. And short of that, no.
Why do you need this? Are you worried about scalability or ease of installation or performance or what? If you are already using PostgreSQL anyway, firing up a dummy connection to just fire some queries at the JSONB engine doesn't seem too hard.
Not able to load multiple tables, getting error:
Exception in component tMysqlInput_1 (MYSQL_DynamicLoading)
java.sql.SQLException: Bad format for Timestamp 'GUINESS' in column 3
One table works fine. Basically after first iteration the second table trying to use the schema
of the first table. Please help, how to edit the component to make it
correct. Trying to load actor & country table from sakila DB mysql to
a another DB on the same server. Above image is for successful one table
dynamic loading.
you should not use tMysqlInput if output schemas differ. For this case there is no way around tJavaRow and custom code. I however cannot guess what happens in tMap, so you should provide some more details about what you want to achieve.
If all you need is to load data from one table to another without any transformations, you can do one of the following:
If your tables reside in 2 different databases on the same server, you can use a tMysqlRow and execute a query "INSERT INTO catalog.table SELECT * from catalog2.table2..". You can do some simple transformations in SQL if needed.
If your tables live in different servers, check the generic solution I suggested for a similar question here. It may need some tweaking depending on your use case, but the general idea is to replicate the functionality of INSERT INTO SELECT when the tables are not on the same server.
when trying to make this question, i got this one it is using Java, and in the answer it gave a Ruby example, and it seems that the injection happens only when using Json? because i've an expose where i'll try to compare between NoSQL and SQL and i was trying to said: be happy, nosql has no sql injection since it's not sql ...
can you please explain me:
how sql injection happens when using Python driver (pymongo).
how to avoid it.
the comparison using the old way sql injection using the comment in the login form.
There are a couple of concerns with injection in MongoDB:
$where JS injection - Building JavaScript functions from user input can result in a query that can behave differently to what you expect. JavaScript functions in general are not a responsible method to program MongoDB queries and it is highly recommended to not use them unless absolutely needed.
Operator injection - If you allow users to build (from the front) a $or or something they could easily manipulate this ability to change your queries. This of course does not apply if you just take data from a set of text fields and manually build a $or from that data.
JSON injection - Quite a few people recently have been trying to convert a full JSON document sent (saw this first in JAVA, ironically) from some client side source into a document for insertion into MongoDB. I shouldn't need to even go into why this is bad. A JSON value for a field is fine since, of course, MongoDB is BSON.
As #Burhan stated injection comes from none sanitized input. Fortunately for MongoDB it has object orientated querying.
The problem with SQL injection comes from the word "SQL". SQL is a querying language built up of strings. On the other hand MongoDB actually uses a BSON document to specify a query (an Object). If you keep to the basic common sense rules I gave you above you should never have a problem with an attack vector like:
SELECT * FROM tbl_user WHERE ='';DROP TABLE;
Also MongoDB only supports one operation per command atm (without using eval, don't ever do that though) so that wouldn't work anyway...
I should add that this does not apply to data validation only injection.
SQL injection has nothing to do with the database. It is a type of vulnerability that allows for execution of arbitrary SQL commands because the target system does not sanitize the SQL that is given to the SQL server.
It doesn't matter if you are on NoSQL or not. If you have a system running on mongodb (or couchdb, or XYZ db), and you provide a front end where users can enter records - and you don't correctly escape and sanitize the input coming from the front end; you are open to SQL injection.
I have multiple string values, I want to insert in an sql server db table, But i want to check values one by one if it already exist in the db I will update, if not I will insert it.
I am using Entity Framework 4.1, and I hope I can do that with best performance, means less calls to db as I can.
I saw this question before, but they are using linq to sql not entity framework.
One way you could do it is to batch up the queries for existence ... for example, using the .Contains method (like this), you can query for some or all of the items which may or may not exist at once. Then once you have the data locally, you can quickly check if it's there before inserting
What's the correct syntax of a JPA insert statement? This might sound like an easy question but I haven't been able to find an answer.
I know how to do it from Java code but I'm looking for a way to insert objects into the database if the database was created.
Any ideas?
There is no INSERT statement in JPA. You have to insert new entities using an EntityManager. The only statements allowed in JPA are SELECT, UPDATE and DELETE.
Here is a good reference on persisting JPA objects using an EntityManager. As an example, this is how to insert objects using the persist method:
EntityManager em = getEntityManager();
em.getTransaction().begin();
Employee employee = new Employee();
employee.setFirstName("Bob");
Address address = new Address();
address.setCity("Ottawa");
employee.setAddress(address);
em.persist(employee);
em.getTransaction().commit();
If you want to insert data to the database outside java you need to use native SQL. Use SQL Standard to make sure most databases can execute the script. When the application runs, JPA will make the mapping of the new data and convert it into objects when needed.
How to make sure the script works in all databases? well thats the same problem any DBA has when making Store Procedures or native queries... thats why JPA exists, to avoid making it directly in SQL, but I know sometimes is needed that way.
I suggest you to make 3 main scripts. One for Oracle, one for SQL Server (there are some issues in the date datatypes from 2005 to 2008 versions so be careful) and one for MySQL. Start your script with standard SQL and when you test it in this databases you will find some fixes you will need to do for each DBMS.
One you got it you can make a file script (*.sql) file and run it with the DB manager. If it works run the server, put the app online and the data will be integrated just fine.
The option that looks more promising so far is using Flyway. It is a more automated way of doing it and handles the upgrade process of databases basically automatically.
No need to write a separate INSERT query in JPA. JpaRepository has inbuilt saveAndFlush() method which you can use to insert into the database. Hope this works for you.