[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-smalltalk] [PATCH] postgres: Work on formatting Smalltalk type
|
From: |
Holger Hans Peter Freyther |
|
Subject: |
Re: [Help-smalltalk] [PATCH] postgres: Work on formatting Smalltalk types for PostgreSQL |
|
Date: |
Tue, 21 May 2013 10:07:01 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Tue, May 21, 2013 at 09:45:04AM +0200, Paolo Bonzini wrote:
> Hmm, that would be a bug.
DBI.MySQL.MySQLConnection fieldConverterClass uniqueInstance
print: ''';DROP TABLE;"DROP TABLE' on: stdout
This is the 'dual-use' of the FieldConverter. It is good for
SQLite/PostgreSQL queries but it is not really up to the task
for MySQL. The question is what do we do with MySQL in terms
of 'prepared' statements? The only thing I can think of is
a better >>% that is also doing SQL escaping (like the escaping
from ROE).