[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [NonGNU ELPA] New package: sqlite3

From: Tomas Hlavaty
Subject: Re: [NonGNU ELPA] New package: sqlite3
Date: Tue, 21 Mar 2023 21:36:47 +0100

On Tue 21 Mar 2023 at 09:51, Jean Louis <bugs@gnu.support> wrote:
> While such packages exists, for me I do not find them usable as then I
> have to forget about the SQL and learn about the new Emacs Lisp
> structure that is to correspond to SQL. I see personally no benefit in
> that.
> (sql (format "SELECT DISTINCT ON (people_id) 
        sql injection danger right there

Using strings is a bad idea.  You have to manually ensure every such use
is properly escaped.  If you used sexp and let elisp do the conversion,
every such usage could be automatically properly escaped.

Also using sexp does not mean you cannot use plain sql:

   (sql `(SELECT DISTINCT ON (people_id)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]