Re: A PGsendQuery API design for your review

Hi,

I can say with some confidence that we'll never implement such an API. Even
the
ux, i.e., accepting multi-queries from the user is wrong, imho. Let the
user
write single queries, organize them, exrcute them using bound variables and
NOT
mogrify() and then return the result. Anything less is lazy.

federico

On mar, feb 02, 2016 at 6:50 PM, Karl O. Pinc < kop(at)meme(dot)com [kop(at)meme(dot)com]
> wrote:
Hi,

I've got users who write and submit arbitrary sequences of SQL
to the server, as supported by psql, phpPgAdmin, pgAdmin, etc.
I'd like to see this sort of functionality in psycopg2.

Someday I may submit a code patch. In the meantime I'd
appreciate any review of an API design that supports
such functionality.

(Attached is a patch to the docs if you'd prefer to look
at it that way.)

Thanks for the work.

----------------------------------------------------

The "cursor" class
******************
<snip>
-[ Commands execution methods ]-
<snip>
executequery([buffered=True])

Execute the next database operation (query or command) submitted
to the server with "submitqueries()".

"buffered" determines whether all query output is collected in a
buffer by the client before delivery to the application or
whether results are returned to the application as they are
received from the server. (The "cursor.execute()" and
"cursor.executemany()" methods always buffer.)

"True" is returned if a database operation was executed. "None"
is returned if all submitted database operations have been
executed.

If a query was executed, the returned values can be retrieved
using "fetch*()" methods.

DB API extension: The "executequery()" method is a Psycopg
extension to the DB API 2.0.

<snip>
submitqueries(operations)

Submit a string containing one or more database operations
(queries or commands) to the database server for execution.

Warning: Never, **never**, **NEVER** use Python string
concatenation ("+") or string parameters interpolation ("%")
to pass variables to a SQL query string. See Passing
parameters to SQL queries. Always use the "mogrify()" method
to construct the "operations" string if the SQL contains
variable data.

This function is primarily useful in the context of executing
large reports, pre-packaged collections of SQL reports, and
arbitrary user-supplied SQL.

Use the "executequery()" method to execute the submitted SQL.

DB API extension: The "submitqueries()" method is a Psycopg
extension to the DB API 2.0.
<snip>

Regards,

Karl <kop(at)meme(dot)com>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein

--
Sent via psycopg mailing list (psycopg(at)postgresql(dot)org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/psycopg