Re: Standard DBI Proposal
- From: "Donal K. Fellows" <donal.k.fellows@xxxxxxxxx>
- Date: Sun, 28 Oct 2007 03:56:11 -0700
Darren New wrote:
It would be nice, but how do you handle code like
if ("" != $_GET['name'])
$sql .= "WHERE name like '" . esc($_GET['name']) . "%' AND ";
(Yes, it's PHP. Deal. :-)
I often do this sort of thing with a dozen different form fields,
building up a query clause by clause. If I had only prepared statements,
would I need 2^N statements?
No, since the interface layer should be hiding all that stuff from
you, and you'd just be writing:
if {$GET(name) ne ""} {
# I can't remember right now if SQLite handles array vars
set paramName $GET(name)
append sql {WHERE name LIKE '$paramName%' AND }
}
Yes, this is the SQLite approach. It gets it *right*.
Donal.
.
- Follow-Ups:
- Re: Standard DBI Proposal
- From: tom.rmadilo
- Re: Standard DBI Proposal
- From: Tom Poindexter
- Re: Standard DBI Proposal
- References:
- Standard Database Interface?
- From: tcltkdev
- Re: Standard Database Interface?
- From: Sean Woods
- Re: Standard Database Interface?
- From: tcltkdev
- Re: Standard Database Interface?
- From: Sean Woods
- Re: Standard Database Interface?
- From: thelfter@xxxxxxxxx
- Re: Standard Database Interface?
- From: Sean Woods
- Standard DBI Proposal (was: Re: Standard Database Interface?)
- From: Donal K. Fellows
- Re: Standard DBI Proposal (was: Re: Standard Database Interface?)
- From: Sean Woods
- Re: Standard DBI Proposal
- From: Donal K. Fellows
- Re: Standard DBI Proposal
- From: Darren New
- Standard Database Interface?
- Prev by Date: Re: UTF-8 strings
- Next by Date: Re: itemconfigure for canvas text items
- Previous by thread: Re: Standard DBI Proposal
- Next by thread: Re: Standard DBI Proposal
- Index(es):
Relevant Pages
|
