[Vala] Fwd: Escape string for use in sqlite

From: Rodrigo Herefeld <rodrigo herefeld gmail com>
To: Vala List <vala-list gnome org>
Subject: [Vala] Fwd: Escape string for use in sqlite
Date: Mon, 12 Mar 2012 13:39:48 -0300

Well , no i can't , because one  machine that run the program may not have
python installed , as i said :-)
and the fact is that,  in python you won't need gda, acessing databases in
python uses  a standart way no matter the dbdriver you use ,that is very
good and make very easy change from one database to another, you'll always
have this commands:

dbdriver.connect(the connection parameters)
dbdriver.cursor().execute(sql)

and  for string scaping:

cursor.execute("INSERT INTO test VALUES(?,?)",[value1,value2])

This is the same for every database driver, so you only change the
connection parameters , and make
sure to use compatible sql.
I think the good idea about libgda is bring the same funcionality to C/C++
and VALA, but the pytho
process is still more simple and takes less code to use.


Ps.: Daniel , sorry , today i realized that gmail is responding the emails
to the person who wrotes and
not to vala list,so you'll receive this mail twice. cause i've resended to
list.
2012/3/12 Daniel Espinosa <esodan gmail com>

You can keep your code in Python, because GDA supports GObject
Introspection and PyGObject. Vala bindings in GDA are build based on
GObject Introspection.

2012/3/12 Rodrigo Herefeld <rodrigo herefeld gmail com>

I started testing libgda, but the apps  simple does not compile on my
debian( the funny thing is that i
was able to do that on windows), i would need to compile libgda and then
vala for that to work, and
the program is too small for that, in fact i had it already done in
python, but since i needed to run it
on a machine where i may not install python i decided to port it to vala.


2012/3/12 Daniel Espinosa <esodan gmail com>

Use GDA. Look at:

http://live.gnome.org/ChooseLibgdaSQLite


2012/3/9 Shawn Ferris <shawn ferris gmail com>

On Tue, Mar 6, 2012 at 12:33 PM, Luca Bruno <lethalman88 gmail com>

wrote:

On Tue, Mar 6, 2012 at 8:30 PM, Rodrigo Herefeld <

rodrigo herefeld gmail com

wrote:


When you bind a string parameter it will be escaped.


I would add that database engines are usually better at optimizing SQL
with bind variables, as well, binds help prevent SQL Injection
attacks. The latter is the best reason of all, to use them, the other
two you get for free. :D

Shawn
_______________________________________________
vala-list mailing list
vala-list gnome org
http://mail.gnome.org/mailman/listinfo/vala-list




--
Trabajar, la mejor arma para tu superación
"de grano en grano, se hace la arena" (R) (en trámite, pero para los
cuates: LIBRE)

_______________________________________________
vala-list mailing list
vala-list gnome org
http://mail.gnome.org/mailman/listinfo/vala-list



--
Rodrigo Cesar Herefeld




--
Trabajar, la mejor arma para tu superación
"de grano en grano, se hace la arena" (R) (en trámite, pero para los
cuates: LIBRE)




-- 
Rodrigo Cesar Herefeld



-- 
Rodrigo Cesar Herefeld

References:
- [Vala] Escape string for use in sqlite
  - From: Rodrigo Herefeld
- Re: [Vala] Escape string for use in sqlite
  - From: Luca Bruno
- Re: [Vala] Escape string for use in sqlite
  - From: Luca Bruno
- Re: [Vala] Escape string for use in sqlite
  - From: Shawn Ferris
- Re: [Vala] Escape string for use in sqlite
  - From: Daniel Espinosa
- Re: [Vala] Escape string for use in sqlite
  - From: Daniel Espinosa

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]