
All times are UTC - 5 hours [ DST ]



Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 8 posts ] 
 Post subject: Which one's quicker?
PostPosted: Tue Jan 20, 2004 7:16 am 
Pro

Joined: Wed Oct 08, 2003 10:31 am
Posts: 247
Which one's quicker in retrieving information:

Method 1
Code:
// The value of ref is concatenated directly into the HQL string
List res = session.find("from vo.Mp as m where m.ref like '%" + ref + "%'");


Method 2
Code:
// ref is bound as the named parameter :ref instead of being concatenated
Query query = session.createQuery("from vo.Mp as m where m.ref like :ref");
query.setParameter("ref", "%" + ref + "%");



Thanks in advance.


 Post subject:
PostPosted: Tue Jan 20, 2004 9:03 am 
Hibernate Team

Joined: Tue Aug 26, 2003 12:50 pm
Posts: 5130
Location: Melbourne, Australia
NEVER use Method 1. It is slow and a security hole.


 Post subject:
PostPosted: Tue Jan 20, 2004 9:32 am 
Senior

Joined: Tue Nov 25, 2003 9:35 am
Posts: 194
Location: San Francisco
gavin wrote:
NEVER use Method 1. It is slow and a security hole.



Why?

Thanks,


Sherman


 Post subject:
PostPosted: Tue Jan 20, 2004 9:34 am 
Hibernate Team

Joined: Tue Sep 09, 2003 2:10 pm
Posts: 3246
Location: Passau, Germany
Possible SQL Injection


 Post subject:
PostPosted: Tue Jan 20, 2004 9:47 am 
Hibernate Team

Joined: Sun Sep 14, 2003 3:54 am
Posts: 7256
Location: Paris, France
gloeglm wrote:
Possible SQL Injection

Yes, in the 2nd, special chars are escaped properly.

_________________
Emmanuel
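
The difference the replies point to, as an added example that is not part of the original thread: it uses Python's built-in sqlite3 in place of Hibernate/HQL so it runs without a mapping or session, and the table, rows and function names are constructed for illustration. It also goes one step beyond the thread: binding keeps input from being parsed as query syntax, but `%` and `_` inside the bound value still act as LIKE wildcards unless they are escaped.

```python
import sqlite3

def make_db():
    """In-memory table standing in for the vo.Mp mapping (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE mp (ref TEXT)")
    db.executemany("INSERT INTO mp VALUES (?)",
                   [("INV-100",), ("INV-200",), ("50%_OFF",), ("O'NEIL-7",)])
    return db

def find_concat(db, ref):
    """Method 1 pattern: the input becomes part of the query text."""
    sql = "SELECT ref FROM mp WHERE ref LIKE '%" + ref + "%' ORDER BY ref"
    return [row[0] for row in db.execute(sql)]

def find_bound(db, ref):
    """Method 2 pattern: constant query text, value passed as a parameter."""
    sql = "SELECT ref FROM mp WHERE ref LIKE :ref ORDER BY ref"
    return [row[0] for row in db.execute(sql, {"ref": "%" + ref + "%"})]

def escape_like(value, esc="\\"):
    """Escape LIKE metacharacters; the escape character itself goes first."""
    for ch in (esc, "%", "_"):
        value = value.replace(ch, esc + ch)
    return value

def find_bound_literal(db, ref):
    """Bound parameter plus ESCAPE clause: input is matched as literal text."""
    sql = "SELECT ref FROM mp WHERE ref LIKE :ref ESCAPE '\\' ORDER BY ref"
    return [row[0] for row in db.execute(sql, {"ref": "%" + escape_like(ref) + "%"})]

if __name__ == "__main__":
    db = make_db()
    print(find_bound(db, "O'NEIL"))        # apostrophe is just data
    try:
        find_concat(db, "O'NEIL")          # apostrophe ends the string literal
    except sqlite3.OperationalError as exc:
        print("concatenated query failed to parse:", exc)
    print(find_bound(db, "%"))             # wildcard still matches every row
    print(find_bound_literal(db, "%"))     # only the row containing a literal %
```
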


 Post subject:
PostPosted: Tue Jan 20, 2004 10:01 am 
Pro

Joined: Wed Oct 08, 2003 10:31 am
Posts: 247
gavin wrote:
NEVER use Method 1. It is slow and a security hole.


Thanks to all for the advice.


 Post subject:
PostPosted: Tue Jan 20, 2004 5:23 pm 
Beginner

Joined: Thu Sep 04, 2003 1:46 pm
Posts: 20
Hi,

Can someone please discuss the differences between

session.find()
session.iterate()
session.createQuery()

and when we should or should not use those methods?

It seems like I've missed out on a lot of Hibernate reference documentation.

This is the only document that I know about. Are there others?

http://www.hibernate.org/hib_docs/refer ... index.html

Thanks,
-Ben


 Post subject:
PostPosted: Tue Jan 20, 2004 5:24 pm 
Hibernate Team

Joined: Mon Aug 25, 2003 9:11 pm
Posts: 4592
Location: Switzerland
This is a 140 page reference documentation! Please read it, it contains all the information you need to understand these methods. Also read the Javadoc API description and the many articles and tutorials about Hibernate.

_________________
JAVA PERSISTENCE WITH HIBERNATE
http://jpwh.org
Get the book, training, and consulting for your Hibernate team.

