Re: Named vs numbered SQL parameters

Show/hide message thread

Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 08:48 UTC)

Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 09:13 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 09:35 UTC)

Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 09:49 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 10:10 UTC)

Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 10:16 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 10:30 UTC)

Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 10:38 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 10:50 UTC)

Re: Named vs numbered SQL parameters Alaric Snell-Pym (18 Sep 2019 10:39 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (19 Sep 2019 14:20 UTC)

Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 14:53 UTC)

Re: Named vs numbered SQL parameters Alaric Snell-Pym (19 Sep 2019 16:05 UTC)

Re: Named vs numbered SQL parameters John Cowan (18 Sep 2019 22:36 UTC)

Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 07:20 UTC)

Re: Named vs numbered SQL parameters John Cowan (19 Sep 2019 13:54 UTC)

Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 14:04 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (19 Sep 2019 14:07 UTC)

Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 14:19 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela (19 Sep 2019 14:28 UTC)

Re: Named vs numbered SQL parameters Alaric Snell-Pym (19 Sep 2019 16:00 UTC)

Re: Named vs numbered SQL parameters Lassi Kortela 19 Sep 2019 14:07 UTC

> anonymous parameters
> are extremely easy to get wrong, passing the wrong string to the wrong
> thing

Unfortunately true; hence this thread.

> If named parameters were
> pervasive, I'd say "use them", but we know they aren't.  "?" isn't actually
> part of SQL AFAICT, and there are probably databases that don't support
> even that.

Unfortunately also true. However, is there a problem if we have a DSL
that puts in the question marks or equivalent? I haven't thought about
this in detail, but it's hard to see how a DSL inserting DB-specific
placeholders is worse than a DSL implementing the entire SQL string
escaping syntax (assuming the escaping is consistent across databases,
which is already assuming a lot).

As a separate question, how do you send blobs without parameters?

> that dumb programmers don't generally wind up using Scheme.  We hope.

By dumb I assume you mean sloppy and careless. It'd be interesting to
know to what extent that attitude is temperamental and to what extent
people can learn to be more diligent if they see inspiring examples of
good software made with attention to detail. Sloppiness is certainly
pervasive in programming; it'd be inspiring to see some evidence that
there is hope :)