1

I want to know the best way to check variable type at runtime.

public Iterator<?> read(String entityName, String propertyName, Object propertyValue) {

    String query = "select * from " + entityName + " where " + propertyName + "=";

    try {
        int value = Integer.parseInt((String)propertyValue);
        query=query+value;
    } catch (NumberFormatException e) {
        // failed
    }

    try {
        String value = (String)propertyValue;
        query=query+"'"+value+"'";
    } catch (ClassCastException e) {
        // failed
    }

    try {
        float value = Float.parseFloat((String)propertyValue);
        query=query+value;
    } catch (NumberFormatException e) {
        // failed
    }

    //Creating JDBC connection and execute query

    Iterator<Element> result=queryConn.execute();

    return result;
}

I need to check the variable type is int, float or String during runtime. Is there any other best way to do this?

Or Do I need to write seperate method for each variable type?

Improve this question
2
  • Your code does not do what you think it does. For example: if propertyValue is "3", your code will result in a query that ends with =3'3'3. Commented Feb 20, 2017 at 5:44
  • Also, please see en.wikipedia.org/wiki/SQL_injection to understand why you should never do what you're currently doing. Commented Feb 20, 2017 at 5:45

4 Answers 4

Reset to default
4

try this code : 

if(floatVariable instanceof Float){}
if(intVariable instanceof Integer){}
if(stringVariable instanceof String){}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

There are many ways to handle this scenario.

  • Use function overloading for different data types
  • Use instanceof operator to determine data type
  • Try to cast property value in any numeric data type, if successfully castes then ignore single quotes otherwise apply single quotes
Improve this answer

Comments

1

since you are getting object as input you can always check using instanceof keyword.And instead of using primitives try using classes like(Integer.class).And one more thing is you should use PreparedStatement always.Your code is prone to SqlInjection.

Improve this answer

Comments

1

Is there any other best way to do this?

I would recommend that you name the columns you want to select in your actual query. If you take this approach, you can parse each column as the appropriate type without worrying about type casting issues. If, for example, the first column selected were an integer type, then you would just call Integer.parseInt() without worrying about having the wrong type.

And here is an argument why using SELECT * is an anti-pattern:

If you use SELECT * as your query, then we don't even know how many columns are being returned. To even take a guess at that, we would have to analyze how many columns your code seems to expect. But, what would happen if someone were to change the schema, thereby possibly changing the order in which the RDBMS returns columns? Then your entire application logic might have to change.

Improve this answer

2 Comments

But I'm not sure that I will get Integer or float or boolean or String value.
I think you're missing the point here: SELECT * doesn't play very friendly with application code, because you don't know what you're getting. It is much preferable to name the columns you want. In any case, your schema won't be changing so frequently as to be a nuisance to the Java code.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.