Thread: Workaround to get arrays for plperl

Workaround to get arrays for plperl

From
Date:
It seems that function get arrays as strings in plperl.
This is a little workaround who want pass arrays to plperl functions

my( $strarr )=3D @_;
$strarr =3D~ s/{/[/g;
$strarr =3D~ s/}/]/g;
my $arr=3D eval $strarr;

NOTICE:
you must create you function as plperlu
and add language:
create language plperlu;

Re: Workaround to get arrays for plperl

From
CaT
Date:
On Sun, Mar 30, 2008 at 04:23:07PM +0300, Eugen.Konkov@aldec.com wrote:
> It seems that function get arrays as strings in plperl.
> This is a little workaround who want pass arrays to plperl functions
>
> my( $strarr )= @_;
> $strarr =~ s/{/[/g;
> $strarr =~ s/}/]/g;
> my $arr= eval $strarr;
>
> NOTICE:
> you must create you function as plperlu
> and add language:
> create language plperlu;

It's late and I'm sleepy, but, that looks extremely hazardous to ones
health. Esp if the arrays you speak of have any chance of containing
anything that might look like perl code to begin with. ie think sql
injection, but with perl code rather then sql.

cat

Re: Workaround to get arrays for plperl

From
Date:
Yes, It is dangerous. But there is no other way to get arrays for plperl
The doc says that all passed to plperl function are strings ((

Another strange is that that '{1,2,3,4}' looks as hash in perl
It will be more conviniet if arrays passed as '[1,2,3,4]' strings if PG can
not pass them as arrays

----- Original Message -----
From: "CaT" <cat@zip.com.au>
To: <Eugen.Konkov@aldec.com>
Cc: <pgsql-bugs@postgresql.org>
Sent: Sunday, March 30, 2008 4:27 PM
Subject: Re: [BUGS] Workaround to get arrays for plperl


> On Sun, Mar 30, 2008 at 04:23:07PM +0300, Eugen.Konkov@aldec.com wrote:
>> It seems that function get arrays as strings in plperl.
>> This is a little workaround who want pass arrays to plperl functions
>>
>> my( $strarr )= @_;
>> $strarr =~ s/{/[/g;
>> $strarr =~ s/}/]/g;
>> my $arr= eval $strarr;
>>
>> NOTICE:
>> you must create you function as plperlu
>> and add language:
>> create language plperlu;
>
> It's late and I'm sleepy, but, that looks extremely hazardous to ones
> health. Esp if the arrays you speak of have any chance of containing
> anything that might look like perl code to begin with. ie think sql
> injection, but with perl code rather then sql.
>
> cat