Re: proof concept: do statement parametrization

On Jul4, 2010, at 11:59 , Pavel Stehule wrote:
> 2010/7/4 Florian Pflug <fgp(at)phlo(dot)org>:
>> On Jul4, 2010, at 08:41 , Pavel Stehule wrote:
>>> I enhanced DO statement syntax to allowing a parameters. Syntax is
>>> relative simple:
>>>
>>> do ([varname] vartype := value, ...) $$ ... $$
>>
>> I think it'd be more useful to put the values at the very end of the statement, not somewhere in the middle. For positional parameters I envision
>>
>> do (vartype, ...) $$ ... $$ using value, ...
>>
>> and for named parameters it'd be
>>
>> do (varname vartype) $$ ... $$ using varname := value, ...

> Your syntax is longer and less readable (my personal view). With
> proposed syntax it is ensured so every parameter has a value. Next -
> my syntax is reflecting fact, so these are not true parameters - it's
> +/- similar to default values of function parameters.

Yeah, with your syntax omitting a value is syntactically invalid, while with mine it'd parse OK and fail later on. But I fail to see the drawback of that. I do agree that my suggestion is slightly more verbose, but it think thats compensated by the increase in usefulness.

> I understand to your motivation - but you can use a printf command and
> do it same work.

Sure. But by the very same argument, printf makes DO-block parameters redundant as a whole.

> or better and safer - use a psql variables (it is preferred solution)

I don't really buy that argument. By using a psql variable, you simply move the quoting & escaping business from SQL to the shell where psql is called. True, you avoid SQL injectiont, but in turn you make yourself vulnerable to shell injection.

best regards,
Florian Pflug