[Haskell-cafe] ANNOUNCE: hdbi-1.0.0 and hdbi-postgresql-1.0.0
tom-lists-haskell-cafe-2013 at jaguarpaw.co.uk
Wed Jul 31 13:47:28 CEST 2013
On Wed, Jul 31, 2013 at 05:28:02PM +0600, Alexey Uimanov wrote:
> The rationale is that the low-level database interface accepts parameters
> directly instead of inserting them inside the query manually.
> Low-level database interface knows better how to work with parameters, so
> the driver must pass them to it instead of parameters substitution.
Letting the low-level database interface (I'm guessing you're talking about
a C library provided by the database vendor) do the escaping certainly makes
a lot of sense.
However, it would still be possible to make sure that the *number* of
parameters supplied matches the number of placeholders in the query string.
That would make sense, don't you think?
More information about the Haskell-Cafe