Google Datastore problem with query on *User* type

前端 未结 1 1705
无人共我
无人共我 2021-02-11 10:14

On this question I solved the problem of querying Google Datastore to retrieve stuff by user (com.google.appengine.api.users.User) like this:

User user = userSer         


        
相关标签:
1条回答
  • 2021-02-11 10:54

    Using string substitution in query languages is always a bad idea. It's far too easy for a user to break out and mess with your environment, and it introduces a whole collection of encoding issues, etc.

    What was wrong with your earlier parameter substitution approach? As far as I'm aware, it supports everything, and it sidesteps any parsing issues. As far as the problem with knowing how many arguments to pass goes, you can use Query.executeWithMap or Query.executeWithArray to execute a query with an unknown number of arguments.

    0 讨论(0)
提交回复
热议问题