Kevin Murphy wrote:
> it would be nice if the JDBC driver could somehow expose the
> functionality to do the quoting and escaping required in steps 2 and 3
> without ever requiring a database connection.
> I know it's not the driver's main line of business, but since it is able
> to do these things anyway (in PreparedStatement.toString), and they are
> useful but non-trivial to do properly, why not expose the functionality?
Uh, PreparedStatement.toString() *doesn't* necessarily produce correctly
quoted queries; the PostgreSQL driver implementation produces a query
string by blindly substituting parameter values with no escaping. It's
more of a debugging tool than anything else. At the protocol level, the
driver isn't escaping strings anyway because they're being passed
separately to the query in a Bind message rather than embedded in the
query string itself.
Also, the plans for post-8.1 string escaping mean that you will need to
know what version of the server you are talking to (or something
equivalent via a read-only GUC) to know which type of escaping is
correct.. it's hard to see how that works without a database connection.
In response to
- Wish list at 2005-06-29 12:37:09 from Kevin Murphy
pgsql-jdbc by date
|Next:||From: Oliver Jowett||Date: 2005-06-29 14:09:12|
|Subject: Updated high-unicode patch|
|Previous:||From: Oliver Jowett||Date: 2005-06-29 13:17:33|
|Subject: Re: jdbc cts final diff for review|