Much appreciated and useful method/function
----- Ursprungligt Meddelande -----
Från: Mark Miesfeld <[email protected]>
Till: ooRexx Dev List <[email protected]>
Kopia:
Datum: lördag, 23 juni 2012 22:53
Ämne: [Oorexx-devel] ooSQLite 'sanitizer' / 'encapsulate' functionality added.
After the discussion the other day, I have added a method and a function to
ooSQLite that can be used as a "sanitizer" function.
.ooSQLite~enquote(v)
This takes either a single object as the argument or an array of objects.
A string is returned with the object or objects converted to SQL
literals. The string value of the object is enclosed in single quotes and
if the string value contains any single quotes, those single quotes are
escaped. Any object that is the .nil object is converted to NULL, no
single quotes. If the argument is an array, then the indexes 1 through N
where N == the size of the array are converted and added to the returned
string with a comma separating the literals.
If any index within 1 through N is missing, then that index is converted to
NULL.
ooSQLiteEnquote() is the classic Rexx function that does the same general
thing. Instead of an array it accepts a stem: stem.0 == N and stems stem.1
through stem.N are converted.
Here are some examples from the documentation:
r1 = .array~new(4)
r1[1] = "Tom"
r1[2] = "Hanks"
r1[4] = "male"
r2 = .array~of("Mike", , "555-9988", .nil)
sql1 = "INSERT INTO my_table (fName, lName, phone, gender)
VALUES("ooSQLite~enquote(r1)");"
sql2 = "INSERT INTO my_table (fName, lName, phone, gender)
VALUES("ooSQLite~enquote(r2)");"
say sql1
say sql2
/* Output would be:
INSERT INTO my_table (fName, lName, phone, gender) VALUES('Tom', 'Hanks',
NULL, 'male');
INSERT INTO my_table (fName, lName, phone, gender) VALUES('Mike', NULL,
'555-9988', NULL);
*/
str = "It's a happy day!"
say .ooSQLite~Enquote(str)
/* Output would be:
'It''s a happy day!'
*/
Similar thing for ooSQLiteEnquote():
r1.0 = 4
r1.1 = "Tom"
r1.2 = "Hanks"
r1.4 = "male"
r2.0 = 4
r2.1 = "Mike"
r2.3 = "555-9988"
r2.4 = .nil
sql1 = "INSERT INTO my_table (fName, lName, phone, gender)
VALUES("ooSQLiteEnquote(r1.)");"
sql2 = "INSERT INTO my_table (fName, lName, phone, gender)
VALUES("ooSQLiteEnquote(r2.)");"
say sql1
say sql2
/* Output would be:
INSERT INTO my_table (fName, lName, phone, gender) VALUES('Tom', 'Hanks',
NULL, 'male');
INSERT INTO my_table (fName, lName, phone, gender) VALUES('Mike', NULL,
'555-9988', NULL);
*/
str = "It's a happy day!"
say .ooSQLite~Enquote(str)
/* Output would be:
'It''s a happy day!'
*/
Separating the values in an array is very convenient for INSERT
statements. Are there any other uses of literals in SQL statments that
this functionality could improve on?
--
Mark Miesfeld
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Oorexx-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/oorexx-devel------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Oorexx-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/oorexx-devel
