On Wed, Dec 30, 2009 at 8:30 AM, Ray Burkholder <[email protected]> wrote: >> >> 2. There is no well realised library on C ++ for operation with >> PostgreSQL >> >> (in SOCI bytea data type is not supported), therefore it is >> necessary to use >> >> native library on C - libpq; >> > >> > What's wrong with using a C library? Or libpqxx? ( http://pqxx.org/ ) >> >> Or Wt::Dbo once it has a PG backend? >> > > I have been using the libpq library for use with my wt stuff. It allows me > to marshall my parameters directly into an array of variables for passing to > the engine. This eliminates most avenues of sql hack attacks. > > Last time I checked, libpqxx and soci were unable to provide that ability. > > If a backend for Wt::Dbo could do that, terrific. I don't have the time to > do it at the moment, but from what I see, the basic > select/insert/update/delete operations in libpq might simply be done up as a > series of templates. This would allow variable number of parameters, and > provide specific types for each parameter (for fastest calling capability). > For slightly slower calls, boost::variant might be useful in this regard.
Actually, Variant is faster then you might think when properly used, but Boost.Fusion would have been perfect. However, Wt.Dbo is a bit higher level, but it does it pretty well though, and from my reading in that back-end, that is the only way it passes things. It actually creates generated procedures, and binds variables to those when it calls it, so yes, it is *very* safe like that. ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ witty-interest mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/witty-interest
