> On Tue, 2004-03-02 at 16:55, Andrew Piskorski wrote: >> Hm, maybe that should actually be movded into the standard ns_db API?
No - it's the wrong thing to do with any database that implements variables that can be assigned values and later used in SQL queries. Is Oracle the only popular RDBMS to do this? I think there's been talk of maybe implementing them in PG in which case the bindvar kludge (I helped write it, I get to call it that!) would hopefully go away (assuming the PG group implemented them in a useful way). The emulation behavior helps prevent SQL smuggling by quoting literals, and the SQL standard demands that '123' be converted to an integer so the kludge is on safe grounds in that regard. On the other hand the empty value to NULL conversion paradigm is strictly an Oracle-ism we copied for convenience (there being no quoted literal value that converts to NULL). >> I never looked closely but there's other stuff like that too, LOBs, >> etc. It would be kind of nice if there was one standard ns_db >> interface to such extended features > > brainstorm time, anyone else have ideas? LOBs by their nature are unportable. We're not using PG LOBs anyway but rather fake 'em in the driver (this isn't the place to reiterate the problems with PG's built-in LOBs that led to this decision). If we used native LOBs the interface is so different than Oracle's it's pointless, IMO, to think of trying to standardize an API at the driver level. >> Dunno, I never looked much at how the bind variable emulation actually >> worked, I just figured the OpenACS guys who wrote it must have known >> what they were doing and slapped it in. :) We just quote the value stored in the corresponding Tcl var, and convert the empty string to NULL. This is semantically equivalent to how Oracle bindvars work, believe it or not. Well, not so surprising, undoubtably Oracle's calling the convert-from-string function for the target type for each bind var just like PG does (and SQL sez it must do) for the quoted literals we feed it. Thus we can share standard queries using the bindvar notation between Oracle and PG ... and this approach stifles SQL smuggling. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
