On Sat, Dec 5, 2009 at 6:01 PM, Don Baccus dhog...@pacifier.com wrote:
On Dec 5, 2009, at 5:13 PM, Tom Jackson wrote:
Tcl can write a query string which uses the keyword NULL.
Unfortunately the simple (but very nice and also safe) bind variable
concept doesn't handle this common requirement.
Personally I like the Oracle behavior.
Man, I hate it. See code at the end of this email.
Why is it that you can't get out what you put in? 'is null' doesn't
make a lot of sense to me to begin with (please, just accept test=NULL!)
but the fact that oracle turns my '' into a null means that
And in regards to protecting from sql injections, using ns_dbquote and
the binding emulation both seem like they'd do the trick. If your bind
variable or quoted variable contains something like NULL or a bit of SQL
or a special column like the postgres equivalent of sysdate which is
slipping
On Dec 6, 2009, at 1:49 PM, Tom Jackson wrote:
The requirement is the ability to handle both the empty string and
NULL.
Personally I like the Oracle behavior.
I mean ... it might help if you actually *knew* the Oracle behavior
before posting an opinion, positive or negative, about it.
On Dec 6, 2009, at 1:49 PM, Tom Jackson wrote:
The requirement is the ability to handle both the empty string and
NULL.
Personally I like the Oracle behavior.
I mean, hell, there's even a daily WTF post about it:
http://forums.thedailywtf.com/forums/p/1225/26879.aspx
(in which many
On Dec 6, 2009, at 9:19 PM, Rusty Brooks wrote:
And in regards to protecting from sql injections, using ns_dbquote
and the binding emulation both seem like they'd do the trick.
If a user types in NULL and you call ns_dbquote, you'll get 'NULL'.
Just as with the binding emulation.
The only
On Dec 6, 2009, at 9:16 PM, Rusty Brooks wrote:
Why is it that you can't get out what you put in? 'is null'
doesn't make a lot of sense to me to begin with (please, just accept
test=NULL!)
Oh, it makes perfect sense within the formal framework of SQL. no
value is not the same as a
Oh, it makes perfect sense within the formal framework of SQL. no
value is not the same as a value which is empty.
The difference isn't as obvious with strings, but i = 0 is not the
same as I have no value for i. Unknowns are important.
In Tcl we do it typically by saying [info exists i]