I sympathize, but using a prepared statement parameter requires support for the type of the parameter. If the library doesn't support it, you'll need to use strings (and escape them appropriately, though it looks like the library doesn't provide a string-escaping function), or else patch the library to provide support.
> On Jan 17, 2016, at 7:35 PM, Alexis King <lexi.lam...@gmail.com> wrote: > > I would like to avoid interpolating into a query if at all possible, > given that this string is not something I control. I could be very > careful about validating or sanitizing it, but this is a pretty textbook > use case for parameterized queries. > >> On Jan 17, 2016, at 16:19, Jon Zeppieri <zeppi...@gmail.com> wrote: >> >> How about: (query-exec conn (format "INSERT INTO some_table (ip) VALUES >> (inet '~a')" client-ip)) > -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
