Augh don't do this, you are begging for SQL injection attacks. I'll
set one of the elements in your list to:
'); DROP TABLE users; --
On Oct 21, 5:54 pm, Shoeb Bhinderwala <shoeb.bhinderw...@gmail.com>
wrote:
> Hi
>
> I wrote the following function to create a SQL IN clause from a list
> of values. Essentially the function creates a single string which is a
> comma separated quoted list of the values surrounded by parenthesis.
>
> user=> (def xs [1 2 3 4 5])
>
> user=>(str "('" (first xs) (reduce #(str %1 "', '" %2) "" (rest xs))
> "')")
> "('1', '2', '3', '4', '5')"
>
> user=> (def xs ["ab" "cd" "ef" "gh"])
>
> user=> (str "('" (first xs) (reduce #(str %1 "', '" %2) "" (rest xs))
> "')")
> "('ab', 'cd', 'ef', 'gh')"
>
> I am wondering if there is a better/easier/more elegant way to write
> this function. Or if I can make use of a more suitable function from
> the clojure core library to achieve this?
>
> Thanks
> Shoeb
--
You received this message because you are subscribed to the Google
Groups "Clojure" group.
To post to this group, send email to clojure@googlegroups.com
Note that posts from new members are moderated - please be patient with your
first post.
To unsubscribe from this group, send email to
clojure+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/clojure?hl=en
