[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [NonGNU ELPA] New package: sqlite3
|
From: |
Tomas Hlavaty |
|
Subject: |
Re: [NonGNU ELPA] New package: sqlite3 |
|
Date: |
Tue, 21 Mar 2023 21:36:47 +0100 |
On Tue 21 Mar 2023 at 09:51, Jean Louis <bugs@gnu.support> wrote:
> While such packages exists, for me I do not find them usable as then I
> have to forget about the SQL and learn about the new Emacs Lisp
> structure that is to correspond to SQL. I see personally no benefit in
> that.
[...]
> (sql (format "SELECT DISTINCT ON (people_id)
^
sql injection danger right there
Using strings is a bad idea. You have to manually ensure every such use
is properly escaped. If you used sexp and let elisp do the conversion,
every such usage could be automatically properly escaped.
Also using sexp does not mean you cannot use plain sql:
(sql `(SELECT DISTINCT ON (people_id)
- Re: [NonGNU ELPA] New package: sqlite3, (continued)
- Re: [NonGNU ELPA] New package: sqlite3, Philip Kaludercic, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Lynn Winebarger, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Philip Kaludercic, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Lynn Winebarger, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Philip Kaludercic, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Tomas Hlavaty, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Lynn Winebarger, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Tomas Hlavaty, 2023/03/21
- Message not available
- Re: [NonGNU ELPA] New package: sqlite3, Tomas Hlavaty, 2023/03/21
- Re: [NonGNU ELPA] New package: sqlite3, Philip Kaludercic, 2023/03/22
- Re: [NonGNU ELPA] New package: sqlite3,
Tomas Hlavaty <=
Re: [NonGNU ELPA] New package: sqlite3, Richard Stallman, 2023/03/06