[DB-SIG] Proposed improvements to DBAPI 2.0 Cursor.execute() method.
Harald Armin Massa
haraldarminmassa at gmail.com
Wed Aug 16 08:58:54 CEST 2006
I skimmed them, and in my eyes these changes involve a bit too much magic to
be helpfull in the full range of database accesses.
"Since columns is a sequence, and sequences in SQL are always joined by ,, "
That is clearly wrong. With the SQL engine I use (PostgreSQL); there is the
data type of "ARRAY", so sequences are stored as array.
"SELECT name, address FROM %s WHERE id = %S"
As much as I understand: Big S means escaping, small s means "do not escape"
? For me this bears to much risk for to less gain. Especially since dynamic
exchanges of the names of tables and columns in SQL-queries is a totally
different beast then changing parameters. "Different beast" as:
"usually has to happen in two steps"
is quite incorrect concerning the "ususally" in my experience. The dynamic
exchanging of tablenames within statements is the ABSOLUTE minority, 1 out
of 40 or less statements. Especially since queries querying only one table
are the absolute minority; and the dynamic exchange of 3 tables is
undebuggable :)
So from my point -1
Harald
--
GHUM Harald Massa
persuadere et programmare
Harald Armin Massa
Reinsburgstraße 202b
70197 Stuttgart
0173/9409607
-
Let's set so double the killer delete select all.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/db-sig/attachments/20060816/1be77574/attachment.htm
More information about the DB-SIG
mailing list