emacs-libpq
emacs-libpq copied to clipboard
anse1
pq:escapeLiteral does it need conn-db?
Does escaping really needs conn-db and why? Should not escaping be independent of connection?
Finally escaping function could be used to generate SQL without having a database connection.
(pq:escapeLiteral cf-db "\"") ⇒ "'\"'"
(sql-escape-string "\"") ⇒ "E'\"'"
I am using E'' notation, should not that be proper for pq:escapeLiteral in all cases? I remember some database warning appearing if there are escapes without E.
(pq:escapeLiteral cf-db "\\\\\\\\") ⇒ " E'\\\\\\\\\\\\\\\\'"
I have noticed also that space before E, should it be?
GNU Support writes:
Does escaping really needs conn-db and why? Should not escaping be independent of connection? Finally escaping function could be used to generate SQL without having a database connection.
yes, the functions PQescapeLiteral and PQescapeIdentifier need it, see
https://www.postgresql.org/docs/13/libpq-exec.html#LIBPQ-EXEC-ESCAPE-STRING
The manual mentions error reporting and encoding reasons.
Additionally when escaping don't you think that E'' notation should be used?
I didn't implement the escaping, I just made the one in libpq available to the lisp world so I don't really have an opinion on the design decisions behind it...
(pq:escapeLiteral cf-db "\"") ⇒ "'\"'" (sql-escape-string "\"") ⇒ "E'\"'"I am using E'' notation, should not that be proper for pq:escapeLiteral?
I don't care as long they both denote the same literal...
(pq:escapeLiteral cf-db "\\\\\\\\") ⇒ " E'\\\\\\\\\\\\\\\\'"I have noticed also that space before E, should it be?
Safer that way.
- Andreas Seltenreich @.***> [2021-05-31 09:15]:
GNU Support writes:
Does escaping really needs conn-db and why? Should not escaping be independent of connection? Finally escaping function could be used to generate SQL without having a database connection.
yes, the functions PQescapeLiteral and PQescapeIdentifier need it, see
https://www.postgresql.org/docs/13/libpq-exec.html#LIBPQ-EXEC-ESCAPE-STRINGThe manual mentions error reporting and encoding reasons.
Thanks. I don't know what is "literal constants". In other words, is
this function pq:escapeLiteral useful for continous escaping
strings? Should I rather use that one or the one I made myself?
The reference on the above link also says that in case of error it should return NULL.
I was expecting this to return NULL, but it returns escaped "nil":
(pq:escapeLiteral cf-db nil) ⇒ "'nil'"
So maybe that is something to think about. Sometimes strings are nothing, like NIL and then they should be NULL. I do have several use cases for that.
(sql-escape-string nil) ⇒ "NULL"
So unless it returns "NULL" on NIL input, I cannot replace it.
Other weird cases:
(pq:escapeLiteral cf-db t) ⇒ "'t'"
I don't think number should be converted to string, it would be better to fail.
(pq:escapeLiteral cf-db 2) ⇒ "'2'"
Description says: Perform literal value quoting on STRING... but anything may be given, not just a string. IMHO it should fail if it is not string and in some cases return NULL.