Package org.apache.calcite.sql.util

Class SqlBuilder

java.lang.Object
org.apache.calcite.sql.util.SqlBuilder
public class SqlBuilder extends Object
Extension to StringBuilder for the purposes of creating SQL queries and expressions.

Using this class helps to prevent SQL injection attacks, incorrectly quoted identifiers and strings. These problems occur when you build SQL by concatenating strings, and you forget to treat identifers and string literals correctly. SqlBuilder has special methods for appending identifiers and literals.

  • Constructor Details

    • SqlBuilder

      public SqlBuilder(SqlDialect dialect)
      Creates a SqlBuilder.
      Parameters:
      dialect - Dialect

    • SqlBuilder

      public SqlBuilder(SqlDialect dialect, String s)
      Creates a SqlBuilder with a given string.
      Parameters:
      dialect - Dialect
      s - Initial contents of the buffer

  • Method Details

    • getDialect

      public SqlDialect getDialect()
      Returns the dialect.
      Returns:
      dialect

    • length

      public int length()
      Returns the length (character count).
      Returns:
      the length of the sequence of characters currently represented by this object

    • clear

      public void clear()
      Clears the contents of the buffer.

    • toString

      public String toString()

      Returns the SQL string.

      Overrides:
      toString in class Object
      Returns:
      SQL string
      See Also:

    • getSql

      public String getSql()
      Returns the SQL.

    • getSqlAndClear

      public String getSqlAndClear()
      Returns the SQL and clears the buffer.

      Convenient if you are reusing the same SQL builder in a loop.

    • append

      public SqlBuilder append(SqlString s)
      Appends a hygienic SQL string.
      Parameters:
      s - SQL string to append
      Returns:
      This builder

    • append

      public SqlBuilder append(String s)
      Appends a string, without any quoting.

      Calls to this method are dubious.

      Parameters:
      s - String to append
      Returns:
      This builder

    • append

      public SqlBuilder append(char c)
      Appends a character, without any quoting.
      Parameters:
      c - Character to append
      Returns:
      This builder

    • append

      public SqlBuilder append(long n)
      Appends a number, per StringBuilder.append(long).

    • identifier

      public SqlBuilder identifier(String name)
      Appends an identifier to this buffer, quoting accordingly.
      Parameters:
      name - Identifier
      Returns:
      This builder

    • identifier

      public SqlBuilder identifier(String... names)
      Appends one or more identifiers to this buffer, quoting accordingly.
      Parameters:
      names - Varargs array of identifiers
      Returns:
      This builder

    • identifier

      public SqlBuilder identifier(List<String> names)
      Appends a compound identifier to this buffer, quoting accordingly.
      Parameters:
      names - Parts of a compound identifier
      Returns:
      This builder

    • toSqlString

      public SqlString toSqlString()
      Returns the contents of this SQL buffer as a 'certified kocher' SQL string.

      Use this method in preference to toString(). It indicates that the SQL string has been constructed using good hygiene, and is therefore less likely to contain SQL injection or badly quoted identifiers or strings.

      Returns:
      Contents of this builder as a SQL string.

    • literal

      public SqlBuilder literal(String s)
      Appends a string literal to this buffer.

      For example, calling literal("can't") would convert the buffer

      SELECT
      to
      SELECT 'can''t'
      Parameters:
      s - String to append
      Returns:
      This buffer

    • literal

      public SqlBuilder literal(Timestamp timestamp)
      Appends a timestamp literal to this buffer.
      Parameters:
      timestamp - Timestamp to append
      Returns:
      This buffer

    • indexOf

      public int indexOf(String str)
      Returns the index within this string of the first occurrence of the specified substring.
      See Also:

    • indexOf

      public int indexOf(String str, int fromIndex)
      Returns the index within this string of the first occurrence of the specified substring, starting at the specified index.
      See Also:

    • insert

      public SqlBuilder insert(int offset, String str)
      Inserts the string into this character sequence.
      See Also: