I was partially unclear with using a constant table name here; what I
actually need as well is the table name as effectively a const that I
control as well. So more like
mydb eval {$SELECT json FROM $table WHERE json_extract(json, '$.hash') =
$someId}
The problem is this will cause $table to be interpolated as a SQL string,
which it is not: it is a table name. But even if I _do_ make the table name
a literal, as in this query:
% set hash 24471899
24471899
% mydb eval {SELECT json FROM NotImportant WHERE json_extract(json,
'$.hash') = $hash}
_and_ I'm using curly-brace evaluation, the json_extract fails.
It isn't JSON1 because if I _directly_ interpolate (introducing the
possibility of SQL injection) it works fine.
Even if I make the JSON path its own variable and do the same, it fails:
% set json_path {$.hash}
$.hash
% mydb eval {SELECT json FROM NotImportant WHERE json_extract(json,
$json_path) = $hash}
%
So I'm kind of at a loss.
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
