[Cppcms-users] CppDB: SQL Parameter for IN clause
From: CN <cn...@fa...> - 2016-03-04 05:34:26
Hi!
I am not simply adding this question as a feature request on the CppDB
project site because I am not sure whether I am asking too much or
whether there actually are workarounds for this issue.
Say I have this SQL:
SELECT 1 FROM t WHERE c IN (?)
Users might enter the following values for the "?" inside the
parentheses:
'a','b','c'
2,3,4
and expect they faithfully replace the question mark as they are.
However, if I am correct, working with PostgreSQL libpq, the current
implementation of CppDB and another database connection product not
belonging to CppCMS products tend to incorrectly send the final SQL to
PostgreSQL server like so:
SELECT 1 FROM t WHERE c IN ('<v>')
, where <v> is a character string which can be one of the following two
values
'a','b','c'
2,3,4
with all single quotes properly escaped, if any. Although the ultimate
SQL is valid, it yields wrong query result.
How do you folks handle such a corner case? Is this issue supposed to be
handled at the application level or at the database connection component level?
Thank you in advance for any input!
Best Regards,
CN
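The behaviour described in the message above, as an added example that is not part of the original post and is not CppDB code: a bound parameter always stands for exactly one value, so a list needs one placeholder per element, with only the placeholder string generated and every element still bound. It assumes SQLite (Python's sqlite3 module) as an offline stand-in for PostgreSQL; the table contents and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory table t(c) with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE t (c TEXT)")
    rows = [("a",), ("b",), ("c",), ("d",), ("'a','b','c'",)]
    conn.executemany("INSERT INTO t VALUES (?)", rows)
    return conn


def single_placeholder(conn, text):
    """The case from the message: the whole list bound as ONE string value."""
    cur = conn.execute("SELECT c FROM t WHERE c IN (?) ORDER BY c", (text,))
    return [row[0] for row in cur]


def in_clause(conn, values):
    """One placeholder per element; each element is still bound, not spliced."""
    values = list(values)
    if not values:
        # "IN ()" is a syntax error, and an empty list matches nothing anyway.
        return []
    placeholders = ",".join("?" for _ in values)  # e.g. "?,?,?"
    sql = f"SELECT c FROM t WHERE c IN ({placeholders}) ORDER BY c"
    return [row[0] for row in conn.execute(sql, values)]


if __name__ == "__main__":
    db = make_db()
    # Matches only the row whose content is literally 'a','b','c'.
    print(single_placeholder(db, "'a','b','c'"))
    # Matches the three separate rows a, b and c.
    print(in_clause(db, ["a", "b", "c"]))
    # A value containing SQL syntax stays data, so only "a" matches.
    print(in_clause(db, ["a", "x') OR 1=1 --"]))
```

Only the count of placeholders depends on the input; the values never become part of the SQL text, which is what keeps the binding layer's escaping guarantee intact.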