Marijn Haverbeke <mari...@gmail.com> writes:
> Hi Stas,
>
> What happens when, with your patch, you try to pass an array as a
> query parameter? ($1, etc) I suspect the correct thing to do would be
> to return T as a second value from to-sql-string (which indicates that
> the string should be escaped when put into a query), rather than
> putting quotes into the returned string. Also, do you know what the
> correct syntax is when the array contains a string containing a single
> quote? I suspect it should be escaped, which will also be handled by
> returning a second t value. If you could test this for me, I'd be
> thankful.
Indeed, returning T works in all cases you described. I've attached a
corrected patch.
diff --git a/cl-postgres/sql-string.lisp b/cl-postgres/sql-string.lisp
index 7555cc9..3157d30 100644
--- a/cl-postgres/sql-string.lisp
+++ b/cl-postgres/sql-string.lisp
@@ -54,28 +54,32 @@ whether the string should be escaped before being put into a query.")
(:method ((arg vector))
(if (typep arg '(vector (unsigned-byte 8)))
(values (escape-bytes arg) t)
- (with-output-to-string (out)
- (write-char #\{ out)
- (loop :for sep := "" :then #\, :for x :across arg :do
- (princ sep out)
- (multiple-value-bind (string escape) (to-sql-string x)
- (if escape (write-quoted string out) (write-string string out))))
- (write-char #\} out))))
+ (values
+ (with-output-to-string (out)
+ (write-char #\{ out)
+ (loop :for sep := "" :then #\, :for x :across arg :do
+ (princ sep out)
+ (multiple-value-bind (string escape) (to-sql-string x)
+ (if escape (write-quoted string out) (write-string string out))))
+ (write-char #\} out))
+ t)))
(:method ((arg array))
- (with-output-to-string (out)
- (labels ((recur (dims off)
- (write-char #\{ out)
- (if (cdr dims)
- (let ((factor (reduce #'* (cdr dims))))
- (loop :for i :below (car dims) :for sep := "" :then #\, :do
- (princ sep out)
- (recur (cdr dims) (+ off (* factor i)))))
- (loop :for sep := "" :then #\, :for i :from off :below (+ off (car dims)) :do
- (princ sep out)
- (multiple-value-bind (string escape) (to-sql-string (row-major-aref arg i))
- (if escape (write-quoted string out) (write-string string out)))))
- (write-char #\} out)))
- (recur (array-dimensions arg) 0))))
+ (values
+ (with-output-to-string (out)
+ (labels ((recur (dims off)
+ (write-char #\{ out)
+ (if (cdr dims)
+ (let ((factor (reduce #'* (cdr dims))))
+ (loop :for i :below (car dims) :for sep := "" :then #\, :do
+ (princ sep out)
+ (recur (cdr dims) (+ off (* factor i)))))
+ (loop :for sep := "" :then #\, :for i :from off :below (+ off (car dims)) :do
+ (princ sep out)
+ (multiple-value-bind (string escape) (to-sql-string (row-major-aref arg i))
+ (if escape (write-quoted string out) (write-string string out)))))
+ (write-char #\} out)))
+ (recur (array-dimensions arg) 0)))
+ t))
(:method ((arg integer))
(princ-to-string arg))
(:method ((arg float))
--
With Best Regards, Stas.
_______________________________________________
postmodern-devel mailing list
postmodern-devel@common-lisp.net
http://common-lisp.net/cgi-bin/mailman/listinfo/postmodern-devel
