Skip site navigation (1) Skip section navigation (2)

Re: Wish list

From: Oliver Jowett <oliver(at)opencloud(dot)com>
To: Kevin Murphy <murphy(at)genome(dot)chop(dot)edu>
Cc: pgsql-jdbc(at)postgresql(dot)org
Subject: Re: Wish list
Date: 2005-06-29 13:38:56
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-jdbc
Kevin Murphy wrote:

> it would be nice if the JDBC driver could somehow expose the
> functionality to do the quoting and escaping required in steps 2 and 3
> without ever requiring a database connection.
> I know it's not the driver's main line of business, but since it is able
> to do these things anyway (in PreparedStatement.toString), and they are
> useful but non-trivial to do properly, why not expose the functionality?

Uh, PreparedStatement.toString() *doesn't* necessarily produce correctly
quoted queries; the PostgreSQL driver implementation produces a query
string by blindly substituting parameter values with no escaping. It's
more of a debugging tool than anything else. At the protocol level, the
driver isn't escaping strings anyway because they're being passed
separately to the query in a Bind message rather than embedded in the
query string itself.

Also, the plans for post-8.1 string escaping mean that you will need to
know what version of the server you are talking to (or something
equivalent via a read-only GUC) to know which type of escaping is
correct.. it's hard to see how that works without a database connection.


In response to

  • Wish list at 2005-06-29 12:37:09 from Kevin Murphy

pgsql-jdbc by date

Next:From: Oliver JowettDate: 2005-06-29 14:09:12
Subject: Updated high-unicode patch
Previous:From: Oliver JowettDate: 2005-06-29 13:17:33
Subject: Re: jdbc cts final diff for review

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group