1

@RequestParam(value = "param") String param

How to validate this param in elegant way ? More exactly I must check if param is some value in database. My stack is: spring-boot+mybatis

  • How many values are there? Are they dynamic? – Bohemian Mar 05 '17 at 06:23
  • @Bohemian What does it mean dynamic ? there are three values, but I would like to only validate this one. –  Mar 05 '17 at 10:04
  • http://stackoverflow.com/questions/12146298/spring-mvc-how-to-perform-validation – kgu87 Mar 05 '17 at 12:17
  • @JavaNewbie "dynamic" means they change, ie not known at compile time. If they are in a database, must you use it or would using hard coded values be OK? If the values are a known list, what are the values? – Bohemian Mar 05 '17 at 13:21
  • @Bohemian Values are names of columns. I am afraid of it will be changed, so I will be made to update this list. I must check if paremeter is valid columnName to prevent against SQL Injection - it is parameter for `ORDER BY ?` (I am using mybatis). –  Mar 05 '17 at 17:06
  • @Bohemian maybe something like `@PostConstruct` to only once time (at beginning) get list of columns ? –  Mar 06 '17 at 00:42

1 Answers1

0

This might be a duplicate of that one but anyway.

There's a difference in the way you validate forms and separate parameters. With POST it's actually impossible to break the request into separate parameters and you get the whole post body, and you use @Valid to process it. With GET it is possible to have separate parameters as arguments in method, and in this case Spring proprietary @Validated annotation should be used.

Community
  • 1
  • 1
Oleg Mikheev
  • 17,186
  • 14
  • 73
  • 95