| From: | Michael Glaesemann <grzm(at)seespotcode(dot)net> |
|---|---|
| To: | Michael Glaesemann <grzm(at)seespotcode(dot)net> |
| Cc: | "D(dot) Dante Lorenso" <dante(at)lorenso(dot)com>, Wei Weng <wweng(at)kencast(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Is there a better way to do this? |
| Date: | 2007-08-28 23:08:37 |
| Message-ID: | 9D95DE49-0A71-41C3-990C-A8DD6FF7E6A1@seespotcode.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Aug 28, 2007, at 17:46 , Michael Glaesemann wrote:
> I'm sure others could provide more cogent explanations, but those
> are my initial thoughts.
Thinking about this a little bit more: pushing interpolation/
concatenation to the furthest extreme you get to using eval-like
construct, which is generally not considered something you want to
do. Not quite that far you get SQL-injection (to bring the point a
little closer to home). Now, granted you don't need to worry about
these types of things in the specific example you provided, but these
are related to the more general "it's bad practice" statement.
Michael Glaesemann
grzm seespotcode net
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrej Ricnik-Bay | 2007-08-28 23:33:06 | Re: Install on 32 or 64 bit Linux? |
| Previous Message | Ron Johnson | 2007-08-28 23:01:59 | Re: Install on 32 or 64 bit Linux? |