relate icon indicating copy to clipboard operation
relate copied to clipboard

Published 20 hours ago verified publisher icon lucidsoftware

Support #$ query interpolation

Open rbanikaz opened this issue 9 years ago • 11 comments

https://github.com/lucidsoftware/relate/issues/20

rbanikaz avatar Mar 12 '15 18:03 rbanikaz

Has this been benchmarked?

matthew-lucidchart avatar Mar 13 '15 04:03 matthew-lucidchart

@matthew-lucidchart, we do need to fix relate-benchmarks.

They don't work out-of-the-box, and currently there are no instructions on getting them to work. And though there are a lot of tests, a lot of them are never run (e.g. we only ever parameterize with ints, nothing else).

I'm agreed that this (and all other changes) should be benchmarked.

pauldraper avatar Mar 13 '15 07:03 pauldraper

Yeah, it's too bad we didn't keep up on them, but their primary purpose was to make sure we were headed down the right path from the start.

Simpler benchmarking can be done without that project.

On Fri, Mar 13, 2015 at 1:35 AM, Paul Draper [email protected] wrote:

@matthew-lucidchart https://github.com/matthew-lucidchart, we do need to fix relate-benchmarks.

They don't work out-of-the-box, and currently there are no instructions on getting them to work. And though there are a lot of tests, a lot of them are never run (e.g. we only ever parameterize with ints, nothing else).

I'm agreed that this (and all other changes) should be benchmarked.

— Reply to this email directly or view it on GitHub https://github.com/lucidsoftware/relate/pull/21#issuecomment-78849610.

matthew-lucidchart avatar Mar 13 '15 13:03 matthew-lucidchart

Please let me know if anything else I need to get this merged?

rbanikaz avatar May 13 '15 15:05 rbanikaz

Benchmarking them would go a long way in my view. Either via relate-benchmarks or your own make.

matthew-lucidchart avatar May 13 '15 15:05 matthew-lucidchart

using #$ appears to be quite a bit faster than using .toSql.

interpolation

The left is:

val s = "SELECT".toSql
val f = "FROM".toSql
val w = "WHERE".toSql
sql"$s * $f table $w 1 = 1"

The right is:

val s = "SELECT"
val f = "FROM"
val w = "WHERE"
sql"#$s * #$f table #$w 1 = 1"

gregghz avatar Feb 03 '16 21:02 gregghz

what about:

sql"${"SELECT".toSQL} * ${"FROM".toSQL} ......

On Wed, Feb 3, 2016 at 2:44 PM, Gregg Hernandez [email protected] wrote:

using #$ appears to be quite a bit faster than using .toSql.

[image: interpolation] https://camo.githubusercontent.com/5919e91b40976c3df9e45e7993e98b5666248594/687474703a2f2f692e696d6775722e636f6d2f734c35525a6e392e706e67

The left is:

val s = "SELECT".toSql val f = "FROM".toSql val w = "WHERE".toSql sql"$s * $f table $w 1 = 1"

The right is:

val s = "SELECT" val f = "FROM" val w = "WHERE" sql"#$s * #$f table #$w 1 = 1"

— Reply to this email directly or view it on GitHub https://github.com/lucidsoftware/relate/pull/21#issuecomment-179485825.

lucidchart avatar Feb 03 '16 21:02 lucidchart

what lucidchart said is the same as the original toSql benchmark.

gregghz avatar Feb 03 '16 22:02 gregghz

We should probably have some unit tests on this that check to make sure the output is what we expect.

gregghz avatar Feb 04 '16 20:02 gregghz

@rbanikaz If you're still interested in getting this merged, you'll need to update the PR (merge conflicts) and please include some unit tests as well.

gregghz avatar Aug 03 '16 14:08 gregghz

I'm inclined to reject this, because it can encourage writing code that is vulnerable to SQL injection. That said, I think having better syntax for thing like table and column names would be a good thing.

I think the proper way to do this would be to escape the name as an identifier before interpolating it. So for example, in mysql the string "foo bar" would be interpolated as `foo bar`.

Note that the escaping is different in different SQL implementations, and the quoting character needs to be escaped.

tmccombs avatar Oct 27 '17 20:10 tmccombs