| From: | Michael Fuhr <mike(at)fuhr(dot)org> |
|---|---|
| To: | alex(at)pilosoft(dot)com |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Mike Rylander <mrylander(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: DBD::PgSPI 0.02 |
| Date: | 2004-12-06 20:16:34 |
| Message-ID: | 20041206201634.GA31066@winnie.fuhr.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Mon, Dec 06, 2004 at 03:02:45PM -0500, alex(at)pilosoft(dot)com wrote:
> On Mon, 6 Dec 2004, Michael Fuhr wrote:
>
> > On Mon, Dec 06, 2004 at 02:34:33PM -0500, alex(at)pilosoft(dot)com wrote:
> > >
> > > For quick access from trusted code, spi_exec should just do fine.
> >
> > BTW, does stock PL/Perl have functions for escaping identifiers,
> > strings, and binary strings?
>
> non-DBI? no.
>
> DBI? yes, $pg_dbh->quote('foo')
Yeah, I know about DBI, but since we currently can't use it in
trusted code I was wondering what we *could* use. With DBI I'd be
using placeholders wherever possible, but unless I've missed something
spi_exec_query() requires values to be interpolated into the query
string. Danger, danger.
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew M | 2004-12-06 20:24:49 | Re: SSL confirmation - (could not accept SSL connection: |
| Previous Message | Michael Fuhr | 2004-12-06 20:03:48 | Re: DBD::PgSPI 0.02 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2004-12-06 20:59:47 | Re: DBD::PgSPI 0.02 |
| Previous Message | Michael Fuhr | 2004-12-06 20:03:48 | Re: DBD::PgSPI 0.02 |