[jboss-jira] [JBoss JIRA] (HIBERNATE-145) Issue in HQL to SQL Conversion for Order By Clause
Steve Ebersole (JIRA)
issues at jboss.org
Thu Nov 19 10:06:00 EST 2015
[ https://issues.jboss.org/browse/HIBERNATE-145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13130872#comment-13130872 ]
Steve Ebersole commented on HIBERNATE-145:
------------------------------------------
This is not the correct project to report Hibernate issues under. This Jira project is for reporting issues in the integration between Hibernate and WildFly. To report issues in Hibernate, please use https://hibernate.atlassian.net. Thanks.
> Issue in HQL to SQL Conversion for Order By Clause
> --------------------------------------------------
>
> Key: HIBERNATE-145
> URL: https://issues.jboss.org/browse/HIBERNATE-145
> Project: Hibernate Integration
> Issue Type: Bug
> Reporter: Hitesh Saliya
> Assignee: Steve Ebersole
> Priority: Minor
>
> Created HQL Query with string : " select * from tableName where id=1 order by id desc 'any content' ".
> Its executing with no error.
> Generated SQL : " select * from tableName where id=1 order by id desc "
> Here, for hql with order by clause, anything written after order by inside '...' is removed.
> Is this behavior is for sql injection threat or its a bug in translation engine?
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list