| From: | Andrew McNamara <andrewm(at)object-craft(dot)com(dot)au> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Confusion over Python drivers |
| Date: | 2010-02-11 06:04:08 |
| Message-ID: | 20100211060408.C569F2365B@longblack.object-craft.com.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>> I'd like to see a requirement for the use of PQexecParams() over PQexec() -
>> even when using libpq's PQescapeStringConn(), PQexec() makes me uneasy.
>
>Such a rule seems pretty entirely pointless, unless you have a way to
>enforce that the query string passed to the function hasn't been
>assembled from parts somewhere along the way.
The point is that if the driver is doing the right thing, the user of
the driver at least has to choice to do things safely.
--
Andrew McNamara, Senior Developer, Object Craft
http://www.object-craft.com.au/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Oleg Bartunov | 2010-02-11 06:16:09 | Re: knngist patch support |
| Previous Message | Greg Smith | 2010-02-11 05:59:50 | Re: Confusion over Python drivers {license} |