Oh and that would also be the prime place to convert .true and .false to 1/0 if necessary as is the case in Python.
On 6/21/12 4:43 PM, Lee Peedin wrote: > Converting a .nill to NULL would/should be the responsibility of the > implementer. And the best place > to do that would be in a sanitize routine that all column values should be > sent to prior to an > insertion/update. That is if you want to bypass the possibility OS SQL > injection. > > Sent From My iPhone > > On Jun 21, 2012, at 3:59 PM, Mark Miesfeld <[email protected] > <mailto:[email protected]>> wrote: > >> On Thu, Jun 21, 2012 at 12:06 PM, hakan <[email protected] >> <mailto:[email protected]>> wrote: >> >> __ >> As I have limited knowledge in SQL, I "know" the following: >> The NULL value in a SQL statement is just NULL, no quotes >> >> Okay, then that is the way the string you pass to .ooSQLiteStmt() needs to >> be constructed. >> >> and that is the hard part when building a resulting string in rexx using >> rexx variables. >> That's why I use string~changestr('NULL', NULL) as my uninitialized >> variables will be set to >> this value ('NULL') if they don't exist in the current record built for >> insert. >> >> Then that seems like a good solution and the one you should use. >> >> >> There is no apparently overhead in doing the changestr clause, I now >> inserts ~500 000 records >> spread over 5 tables(~7 columns/table) + 2 indexes in about 120-180 >> seconds, using a memory >> database and then copy it to disc. >> So I can accept doing the changestr in my code. >> It's mearly a matter of convinence about the NULL, and maybe the size of >> the database( i >> believe NULL take less space than 1 space or more) and the fact you >> can't query the database >> for "if not NULL" of " if NULL" >> >> Well, yes you definitely want to be able to insert the SQL null into your >> databases. To do that >> you can construct your SQL string so that NULL is not quoted, or use >> parameters in the SQL string. >> But here is where you lost me. From your first post: >> But can it be possible to get support for .nil (NULL) in ooSQLite so the >> each sql statement is >> scanned (to remove the quotes) before handover to SQLite. >> I'm not sure I understand what you want ooSQLite to do here. Scan every >> string passed to >> .ooSQLiteStmt~new(.. string) and look for / change what. If the string has: >> the NIL object in it, >> change that to NULL? If the string has: 'NULL' change that to NULL? >> What if the user wanted "the NIL object" in the string? What if the user >> wanted the value to be >> the string NULL? >> Plus, each language has its strong points. The place to do string >> manipulation is in the Rexx >> code, not in the C/C++ implmentation code. >> The implementation of .ooSQLiteStmt~new() could do a changstr() on the >> passed in string and then >> call the C/C++ plus implementation code. But then that forces every >> programmer to have the >> overhead of changestr() running on every single SQL statement, and the risk >> of getting wrong. >> I understand the concept of making it easier for the Rexx programmer no >> matter if it is hard to do >> in the implementation code or not. But this seems like a case where it is >> not a good idea. It >> doesn't seem like a good idea to force every program to incur the overhead >> of scanning every SQL >> string and possibly do some type of replacement when the majority of the SQL >> strings don't need that. >> -- >> Mark Miesfeld >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> _______________________________________________ >> Oorexx-devel mailing list >> [email protected] >> <mailto:[email protected]> >> https://lists.sourceforge.net/lists/listinfo/oorexx-devel > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > > _______________________________________________ > Oorexx-devel mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/oorexx-devel ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Oorexx-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/oorexx-devel
