How to prevent “SQL Injection” in Core Data?

前端 未结 1 1772
[愿得一人]
[愿得一人] 2021-01-20 22:20

I am building a pretty complex predicate in several iterations, and want to supply the matching values right away in the predicate.

Instead of:

[NSPr         


        
1条回答
  •  -上瘾入骨i
    2021-01-20 22:57

    Use NSComparisonPredicate directly, and bypass the predicate format issues.

    NSPredicate *fetchPredicate = [NSComparisonPredicate predicateWithLeftExpression:[NSExpression expressionForKeyPath:@"departmentName"]
                                                                     rightExpression:[NSExpression expressionForConstantValue:searchTerm]
                                                                            modifier:NSDirectPredicateModifier
                                                                                type:NSLikePredicateOperatorType
                                                                             options:0];
    

    Have a read through the Predicate Programming Guide "Creating Predicates Directly in Code", and check the class reference for NSComparisonPredicate

    0 讨论(0)
提交回复
热议问题