Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 08:48 UTC)
Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 09:13 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 09:35 UTC)
Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 09:49 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 10:10 UTC)
Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 10:16 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 10:30 UTC)
Re: Named vs numbered SQL parameters Peter Bex (18 Sep 2019 10:38 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (18 Sep 2019 10:50 UTC)
Re: Named vs numbered SQL parameters Alaric Snell-Pym (18 Sep 2019 10:39 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (19 Sep 2019 14:20 UTC)
Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 14:53 UTC)
Re: Named vs numbered SQL parameters Alaric Snell-Pym (19 Sep 2019 16:05 UTC)
Re: Named vs numbered SQL parameters John Cowan (18 Sep 2019 22:36 UTC)
Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 07:20 UTC)
Re: Named vs numbered SQL parameters John Cowan (19 Sep 2019 13:54 UTC)
Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 14:04 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (19 Sep 2019 14:07 UTC)
Re: Named vs numbered SQL parameters Peter Bex (19 Sep 2019 14:19 UTC)
Re: Named vs numbered SQL parameters Lassi Kortela (19 Sep 2019 14:28 UTC)
Re: Named vs numbered SQL parameters Alaric Snell-Pym (19 Sep 2019 16:00 UTC)

Re: Named vs numbered SQL parameters Peter Bex 19 Sep 2019 14:53 UTC
On Thu, Sep 19, 2019 at 05:20:04PM +0300, Lassi Kortela wrote:
> > Here's an ugly but safe option to consider - pass in the query as a list
> > of strings and symbols, where the symbols are to be replaced by
> > appropriate DB-specific magic and the strings stitched together around them:
> >
> > (sql-execute '("INSERT INTO foo VALUES(" myval1 ", " myval2 ")")
> >               '((:myval1 . 1) (:myval2 . 2)))
>
> This may actually be my favorite suggestion so far. The high-level DSL would
> hide all this stuff anyway for most code, so I don't think breaking the SQL
> string into parts like that is too ugly.

I agree it is acceptable.  I'm just slightly worried about for example
being able to store larger queries in separate (non-Scheme) files so
that you can have SQL syntax highlighting and such.  And weird things
like storing the query itself in a database (that's not as weird an idea
as it sounds: Metabase for example does this).

I'll have to think about this...

Cheers,
Peter