Re: DBD::PgSPI 0.02 - Mailing list pgsql-hackers

From Michael Fuhr
Subject Re: DBD::PgSPI 0.02
Date
Msg-id 20041206201634.GA31066@winnie.fuhr.org
Whole thread Raw
In response to Re: DBD::PgSPI 0.02  (alex@pilosoft.com)
Responses Re: DBD::PgSPI 0.02
List pgsql-hackers
On Mon, Dec 06, 2004 at 03:02:45PM -0500, alex@pilosoft.com wrote:
> On Mon, 6 Dec 2004, Michael Fuhr wrote:
> 
> > On Mon, Dec 06, 2004 at 02:34:33PM -0500, alex@pilosoft.com wrote:
> > > 
> > > For quick access from trusted code, spi_exec should just do fine.
> > 
> > BTW, does stock PL/Perl have functions for escaping identifiers,
> > strings, and binary strings?
>
> non-DBI? no.
> 
> DBI? yes, $pg_dbh->quote('foo')

Yeah, I know about DBI, but since we currently can't use it in
trusted code I was wondering what we *could* use.  With DBI I'd be
using placeholders wherever possible, but unless I've missed something
spi_exec_query() requires values to be interpolated into the query
string.  Danger, danger.

-- 
Michael Fuhr
http://www.fuhr.org/~mfuhr/


pgsql-hackers by date:

Previous
From: alex@pilosoft.com
Date:
Subject: Re: DBD::PgSPI 0.02
Next
From: Andrew Dunstan
Date:
Subject: Re: DBD::PgSPI 0.02