Re: [sqlite] Parameters are not allowed in views

On Dec 23, 2011, at 2:31 PM, Chris Mets wrote: > A parameterized view allows me to do that just fine in other SQL engines, Well, MSSQL sports so-called parameterized views, but that's about it. > but apparently not SQLite. If you insist on that approach, you could rewrite your view in term

Re: [sqlite] Parameters are not allowed in views

Another possibility might be to create a parameters table, say: CREATE TABLE tabparams (p1,p2,p2,p4,p5); INSERT INTO tabparams VALUES (null,null,null,null,null); And when creating the view, access tabparams.p1, tabparams.p2, etc. instead of variables (with an appropriate join clause). Then,

Re: [sqlite] Parameters are not allowed in views

parameter substitution). Thanks & Best regards, Chris > From: k.n...@zonnet.nl > To: sqlite-users@sqlite.org > Date: Fri, 23 Dec 2011 18:03:16 +0100 > Subject: Re: [sqlite] Parameters are not allowed in views > > On Fri, 23 Dec 2011 06:31:33 -0700, Chris Mets <chris

Re: [sqlite] Parameters are not allowed in views

On Fri, 23 Dec 2011 06:31:33 -0700, Chris Mets wrote: > > Thanks for the response. In the solution you propose, > the view is no longer a parameterized view. I assume > you suggest putting the select statement with the > paramterized where clause in the code. In my

Re: [sqlite] Parameters are not allowed in views

On 23 Dec 2011, at 1:31pm, Chris Mets wrote: > Thanks for the response. In the solution you propose, the view is no longer > a parameterized view. I asume you suggest putting the select statement with > the paramterized where clause in the code. In my question, I simplified the > query. In

Re: [sqlite] Parameters are not allowed in views

Subject: Re: [sqlite] Parameters are not allowed in views > > > On Dec 21, 2011, at 11:40 PM, Chris Mets wrote: > > > Is this truly a limitation of SQLite or am I doing something wrong? > > The later. Simply create your view. Then restrict it. > > In other words: &

Re: [sqlite] Parameters are not allowed in views

Where can I learn more about "restrict it". I'm not familiar with the syntax for using the question mark. Is there a specific part of the documentation that explains it and how it works? Thanks, dvn On Wed, Dec 21, 2011 at 5:00 PM, Petite Abeille wrote: > > On Dec

Re: [sqlite] Parameters are not allowed in views

On Dec 21, 2011, at 11:40 PM, Chris Mets wrote: > Is this truly a limitation of SQLite or am I doing something wrong? The later. Simply create your view. Then restrict it. In other words: create view foo as select bar from baz select * from foo where bar = ?

[sqlite] Parameters are not allowed in views

When I execute the following SQL statement: select * from test2 where f2 = @param; it prompts me correctly for a parameter value. However, when I try to create a view: create view testview as select * from test2 where f2 = @param; I receive the following error message: Parameters are

Re: [sqlite] "parameters are not allowed in views"

Hello Alexey, uh, yes, that is true. But preprocessing the value of user_id, etc. should insulate you from that sort of things, right? Unfortunately, the Tclers' Wiki does not give a ready solution for that. But with [string map {\; "" \[ "" \] "" $user_id] you can get rid of most threats,

Re: [sqlite] "parameters are not allowed in views"

This is the Tcl binding, right? You could replace the variable by its value using [string map]: db eval [string map [list USER_ID $user_id ...] $sql_statement] or more directly: db eval \ "CREATE TABLE view_report_01 AS ... WHERE u.id = $user_id ..." Regards, Arjen On

Re: [sqlite] "parameters are not allowed in views"

Hello! On Friday 27 February 2009 18:08:19 you wrote: > [string map {\; "" \[ "" \] "" $user_id] > > you can get rid of most threats, right? We can do set param {test' sql with some injection} puts $param set param [db onecolumn {select quote($param)}] puts $param and get result test' sql with

[sqlite] "parameters are not allowed in views"

Hello! Is there way to careate view such as db eval { CREATE TABLE view_report_01 AS ?SELECT s.name ?AS service_name, ? t_l_r.cost AS cost ?FROM work.users ? AS u, ? work.user_contracts ?AS u_c, ? work.user_services ?AS u_s, ? work.services ? AS s, ? telephony.telephony_log_rating AS t_l_r, ?