[Improvement][Parameter passing] SQL component passing parameters cannot be directly passed into the entire SQL statement #16864

Open
2 of 3 tasks
dzygoon opened this issue Dec 2, 2024 · 2 comments
Labels
backend help wanted Extra attention is needed improvement make more easy to user or prompt friendly

dzygoon commented Dec 2, 2024

Search before asking

  • I had searched in the issues and found no similar feature requirement.

Description

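When I use an upstream node to pass in an entire SQL statement, the downstream SQL component that receives this parameter cannot execute the statement directly, because it receives it as a string and wraps it in quotation marks, which causes the SQL execution to fail.

Here is a machine translation of the question: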
When I pass in the entire SQL statement using the upstream node, the downstream SQL component that receives this parameter cannot execute the SQL statement directly because it received it as a string, wrapped it in quotation marks, and the SQL execution fails.

Are you willing to submit a PR?

  • Yes I am willing to submit a PR!

Code of Conduct

@dzygoon dzygoon added improvement make more easy to user or prompt friendly Waiting for reply Waiting for reply labels Dec 2, 2024
@github-actions github-actions bot changed the title [Improvement][参数传递]SQL组件传递参数无法直接传入整个SQL语句 [Improvement][Parameter passing] SQL component passing parameters cannot be directly passed into the entire SQL statement Dec 2, 2024

github-actions bot commented Dec 2, 2024

Search before asking

  • I had searched in the issues and found no similar feature requirement.

Description

When I use the upstream node to pass in the entire SQL statement, the downstream SQL component that receives this parameter cannot directly execute the SQL statement because it receives it as a string and wraps it in quotation marks, causing the SQL execution to fail.

Here is a machine translation of the question:
When I pass in the entire SQL statement using the upstream node, the downstream SQL component that receives this parameter cannot execute the SQL statement directly because it received it as a string, wrapped it in quotation marks, and the SQL execution fails.

Are you willing to submit a PR?

  • Yes I am willing to submit a PR!

Code of Conduct

@SbloodyS SbloodyS added help wanted Extra attention is needed backend and removed Waiting for reply Waiting for reply labels Dec 3, 2024
dzygoon commented Dec 3, 2024

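I looked at the source code; the main cause is that PreparedStatement is used to substitute the SQL content.

My guess is that it was done this way at the time to prevent arbitrary SQL execution, injection and similar problems, but considering that the SQL task component is controlled within the scheduling platform, unlike an application interface, could this be adjusted? I am trying to execute the substituted SQL directly, no longer using PreparedStatement to preprocess the placeholders.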
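
The trade-off raised in the comment above, as an added example that is not part of the original thread and is not the project's code: it runs the same parameters through value binding and through text substitution, then shows a read-only connection as an engine-level limit for the substituted path. Python's `sqlite3` stands in for JDBC `PreparedStatement` (here the bound statement fails as a bare `?` rather than as a quoted string); the `${name}` placeholder syntax, the table and every helper name are assumptions.

```python
import re
import sqlite3

PLACEHOLDER = re.compile(r"\$\{(\w+)\}")  # assumed ${name} placeholder syntax

def setup():
    """Constructed in-memory table standing in for the task's data source."""
    db = sqlite3.connect(":memory:")
    db.executescript("CREATE TABLE t(id INTEGER, name TEXT);"
                     "INSERT INTO t VALUES (1, 'a'), (2, 'b');")
    return db

def run_bound(db, template, params):
    """Prepared-statement style: each ${name} becomes '?' and is bound as a value."""
    names = PLACEHOLDER.findall(template)
    return db.execute(PLACEHOLDER.sub("?", template),
                      [params[n] for n in names]).fetchall()

def run_substituted(db, template, params):
    """Text substitution: the parameter becomes part of the SQL text itself."""
    sql = PLACEHOLDER.sub(lambda m: str(params[m.group(1)]), template)
    return db.execute(sql).fetchall()

def read_only(db):
    """Least-privilege connection: the engine refuses anything but reads."""
    allowed = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ}
    db.set_authorizer(lambda action, *_:
                      sqlite3.SQLITE_OK if action in allowed else sqlite3.SQLITE_DENY)
    return db

def outcome(fn, db, template, params):
    """Return the rows, or the name of the database error that was raised."""
    try:
        return fn(db, template, params)
    except sqlite3.Error as exc:
        return type(exc).__name__

if __name__ == "__main__":
    whole = {"q": "SELECT name FROM t WHERE id = 1"}   # upstream passes a full statement
    tampered = {"id": "1 OR 1=1"}                       # constructed tampered value
    by_id = "SELECT name FROM t WHERE id = ${id}"
    print(outcome(run_bound, setup(), "${q}", whole))          # statement bound as a value
    print(outcome(run_substituted, setup(), "${q}", whole))    # statement executed
    print(outcome(run_bound, setup(), by_id, tampered))        # value stays a value
    print(outcome(run_substituted, setup(), by_id, tampered))  # value rewrites the query
    print(outcome(run_substituted, read_only(setup()), "${q}",
                  {"q": "DELETE FROM t"}))                     # engine-level refusal
```

The binding that rejects a whole statement passed as a parameter is the same mechanism that keeps the tampered `id` from changing the query, so dropping it for every placeholder removes both behaviours at once.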
