One more thing. :-) I believe it way Rick who mentioned "sql injection" early on in this conversation. David Ruggles developed a method in our "wrapper class" call "sanitize" which became a "must use" in our office. No data is to be inserted in changed in a table without sanitizing it first (wrapping it in quotes). Might be a nice enhancement to add to the SQLLite class at some point.
Lee On 6/4/2012 9:33 AM, Lee Peedin wrote: > > > On 6/4/2012 9:11 AM, Mark Miesfeld wrote: >> On Mon, Jun 4, 2012 at 4:47 AM, Lee Peedin<[email protected]> wrote: >> >>> Mark, lets assume your table structure is something like: >>> firstname >>> lastname >>> address >>> city >>> state >>> zip >>> >>> Now lets assume your sql query was simply: >>> select * from table >>> >>> Both your and Jon's query would work fine UNTIL the point where it's >>> determined that we now need a >>> middleinitial column between firstname and lastname. The beauty of SQL is >>> that column can be >>> inserted and the integrity of the data is not harmed. >>> >>> HOWEVER, if your case of using an array of arrays, every statement in every >>> script that expected the >>> lastname to be the 2nd column to be returned would have to now be changed >>> to the 3rd column. >> >> That's a good point Lee. >> >> I'm not arguing against using an array of directories. I'm just >> saying that it this point, (since the array of arrays is already >> coded,) it would be just as easy to allow the user to specify how he >> wanted the result set returned. It could be an attribute of the >> database. >> >> After your and Jon's arguments, I would make the default an array of >> directories. >> >> Yours is a good point, I'm not saying it isn't. But, if your >> application was already coded, why wouldn't you add the new column at >> the end, column 6? >> > > Several reasons - first and foremost: "my application may not be the only one > using the database/table". > > Trust me, no matter how much you plan ahead and try to map out your database > requirements, sooner or > later a need to add/change/delete will raise it's nasty head. I've had to > work for years on > database tables where the only "practical" way of adding columns to a table > was to do it at the end. > It's just not a burden that should have to be born anymore when > "Structured" data is an option. :-) > >>> But, hey, what do I know. >> >> Probably a lot more than I do when it comes to databases. >> >> -- >> Mark Miesfeld >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> Oorexx-devel mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/oorexx-devel >> >> __________ Information from ESET NOD32 Antivirus, version of virus signature >> database 7193 (20120604) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> >> >> >> > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Oorexx-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/oorexx-devel > > __________ Information from ESET NOD32 Antivirus, version of virus signature > database 7194 (20120604) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > > ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Oorexx-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/oorexx-devel
