From: Chris Jaekl
Date: Sat, 12 Dec 2015 12:33:27 +0000 (+0900)
Subject: SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING: Invoke nextval() using...
X-Git-Url: http://jaekl.net/gitweb/?p=cfb.git;a=commitdiff_plain;h=d7eb22d6c6f1869f42e53c1ea05b17463a0e7b12

SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING: Invoke nextval() using a prepared statement parameter.
---
diff --git a/prod/net/jaekl/cfb/db/driver/PostgresqlDriver.java b/prod/net/jaekl/cfb/db/driver/PostgresqlDriver.java
index a828d7f..ce4a802 100644
--- a/prod/net/jaekl/cfb/db/driver/PostgresqlDriver.java
+++ b/prod/net/jaekl/cfb/db/driver/PostgresqlDriver.java
@@ -35,10 +35,12 @@ public class PostgresqlDriver extends DbDriver { @Override public long nextVal(Connection con, Sequence seq) throws SQLException {
- String sql = " SELECT NEXTVAL('" + seq.getName() + "') ";
+ String sql = " SELECT NEXTVAL(?) ";
 try (PreparedStatement ps = con.prepareStatement(sql)) {
+ ps.setString(1, seq.getName());
+ try (ResultSet rs = ps.executeQuery()) { if (rs.next()) { return rs.getLong(1);
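Review bot: With the name now bound through `ps.setString(1, seq.getName())`, a null name is sent as SQL NULL instead of producing a failing lookup as the concatenated literal did; if nextval() returns NULL for a NULL argument (expected for a strict function, but worth confirming against the target server), `rs.getLong(1)` would hand back 0 as though it were a real sequence value. A guard before the bind, e.g. `Objects.requireNonNull(seq.getName(), "sequence name");`, or an `rs.wasNull()` check after `getLong`, would keep that failure loud. It would also help to add a short comment such as `// nextval() takes the sequence name as a value, so it can be bound; identifiers in other statements cannot` so the pattern is not copied to table or column names, where a bind parameter does not work. The body of nextVal continues past the end of the hunk, so the no-row path is not visible here.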