Re: DBD::PgSPI 0.02

On Mon, Dec 06, 2004 at 03:02:45PM -0500, alex@pilosoft.com wrote:
> On Mon, 6 Dec 2004, Michael Fuhr wrote:
> 
> > On Mon, Dec 06, 2004 at 02:34:33PM -0500, alex@pilosoft.com wrote:
> > > 
> > > For quick access from trusted code, spi_exec should just do fine.
> > 
> > BTW, does stock PL/Perl have functions for escaping identifiers,
> > strings, and binary strings?
>
> non-DBI? no.
> 
> DBI? yes, $pg_dbh->quote('foo')

Yeah, I know about DBI, but since we currently can't use it in
trusted code I was wondering what we *could* use.  With DBI I'd be
using placeholders wherever possible, but unless I've missed something
spi_exec_query() requires values to be interpolated into the query
string.  Danger, danger.

-- 
Michael Fuhr
http://www.fuhr.org/~mfuhr/