Reputation: 455
I am using Fluent NHibernate.
I have written a piece of code like this:
var data = session.CreateCriteria(typeof(CustomerNameValueList))
.Add(Expression.Eq("CustomerId","3"))
.List<CustomerNameValueList>();
but the query generated by NHibernate looks like
select column1,column2,column3 from table where CustomerId=?
The problem is with "CustomerId=?"; expected: "CustomerId=3".
Why CustomerId=? rather than CustomerId=3?
Please help me.
Upvotes: 0
Views: 1378
Reputation: 4632
There is nothing wrong with this query. The '?' in the log will be substituted with the string value of "3". If your column type is actually an int you may have a problem here. The parameterization of the query is what you want to protect you against SQL injection attacks. If the generated query had CustomerId='3' as you were expecting and the '3' came from a textbox on a web page, then it would be possible to inject more SQL such as '3' DELETE FROM MyUserTable.
Upvotes: 2
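The difference the answer describes, as an added example that is not part of the original thread. It uses Python's built-in sqlite3 as a stand-in (an assumption; NHibernate binds through ADO.NET parameters) because sqlite3 uses the same `?` placeholder. The table contents and the textbox input are constructed.

```python
import sqlite3

# The SQL text is fixed, exactly like the statement in the NHibernate log.
SQL_TEXT = ("SELECT CustomerId, Name, Value "
            "FROM CustomerNameValueList WHERE CustomerId=?")


def make_db():
    """Constructed sample data in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE CustomerNameValueList "
               "(CustomerId TEXT, Name TEXT, Value TEXT)")
    db.executemany(
        "INSERT INTO CustomerNameValueList VALUES (?, ?, ?)",
        [("3", "plan", "gold"), ("3", "region", "eu"), ("4", "plan", "basic")],
    )
    return db


def find_parameterized(db, customer_id):
    # The value travels separately from the SQL text and is only ever
    # compared as data, so quotes inside it cannot change the statement.
    return db.execute(SQL_TEXT, (customer_id,)).fetchall()


def find_concatenated(db, customer_id):
    # 'Before' form, shown only for contrast: the value becomes part of the
    # SQL text, so the database parses whatever the user typed.
    sql = ("SELECT CustomerId, Name, Value FROM CustomerNameValueList "
           "WHERE CustomerId='" + customer_id + "'")
    return db.execute(sql).fetchall()


def demo():
    db = make_db()
    textbox = "3' OR '1'='1"  # constructed input containing a quote
    return {
        "param_normal": len(find_parameterized(db, "3")),
        "param_quoted": len(find_parameterized(db, textbox)),
        "concat_normal": len(find_concatenated(db, "3")),
        "concat_quoted": len(find_concatenated(db, textbox)),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the placeholder, the quoted input matches no customer; with concatenation, the same input changes the WHERE clause and every row comes back.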