You're my hero. :-)
Sent From My iPhone
On Jun 23, 2012, at 4:52 PM, Mark Miesfeld <[email protected]> wrote:
> After the discussion the other day, I have added a method and a function to
> ooSQLite that can be used as a "sanitizer" function.
>
> .ooSQLite~enquote(v)
>
> This takes either a single object as the argument or an array of objects.
> A string is returned with the object or objects converted to SQL
> literals. The string value of the object is enclosed in single quotes and
> if the string value contains any single quotes, those single quotes are
> escaped. Any object that is the .nil object is converted to NULL, no
> single quotes. If the argument is an array, then the indexes 1 through N
> where N == the size of the array are converted and added to the returned
> string with a comma separating the literals.
>
> If any index within 1 through N is missing, then that index is converted to
> NULL.
>
> ooSQLiteEnquote() is the classic Rexx function that does the same general
> thing. Instead of an array it accepts a stem: stem.0 == N and stems stem.1
> through stem.N are converted.
>
> Here are some examples from the documentation:
>
> r1 = .array~new(4)
> r1[1] = "Tom"
> r1[2] = "Hanks"
> r1[4] = "male"
>
> r2 = .array~of("Mike", , "555-9988", .nil)
>
> sql1 = "INSERT INTO my_table (fName, lName, phone, gender)
> VALUES("ooSQLite~enquote(r1)");"
> sql2 = "INSERT INTO my_table (fName, lName, phone, gender)
> VALUES("ooSQLite~enquote(r2)");"
>
> say sql1
> say sql2
>
> /* Output would be:
>
> INSERT INTO my_table (fName, lName, phone, gender) VALUES('Tom', 'Hanks',
> NULL, 'male');
> INSERT INTO my_table (fName, lName, phone, gender) VALUES('Mike', NULL,
> '555-9988', NULL);
>
> */
>
> str = "It's a happy day!"
> say .ooSQLite~Enquote(str)
>
> /* Output would be:
>
> 'It''s a happy day!'
>
> */
>
>
> Similar thing for ooSQLiteEnquote():
>
> r1.0 = 4
> r1.1 = "Tom"
> r1.2 = "Hanks"
> r1.4 = "male"
>
> r2.0 = 4
> r2.1 = "Mike"
> r2.3 = "555-9988"
> r2.4 = .nil
>
> sql1 = "INSERT INTO my_table (fName, lName, phone, gender)
> VALUES("ooSQLiteEnquote(r1.)");"
> sql2 = "INSERT INTO my_table (fName, lName, phone, gender)
> VALUES("ooSQLiteEnquote(r2.)");"
>
> say sql1
> say sql2
>
> /* Output would be:
>
> INSERT INTO my_table (fName, lName, phone, gender) VALUES('Tom', 'Hanks',
> NULL, 'male');
> INSERT INTO my_table (fName, lName, phone, gender) VALUES('Mike', NULL,
> '555-9988', NULL);
>
> */
>
> str = "It's a happy day!"
> say .ooSQLite~Enquote(str)
> /* Output would be:
> 'It''s a happy day!'
> */
>
>
> Separating the values in an array is very convenient for INSERT
> statements. Are there any other uses of literals in SQL statments that
> this functionality could improve on?
>
> --
> Mark Miesfeld
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Oorexx-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/oorexx-devel
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Oorexx-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/oorexx-devel
