I see now that I misunderstood what syntax-parse can really do. It is
absurdly more powerful than I realized at first. There was no need for a
separate "collect" macro as it should just be a syntax class within the
main macro. I've got it all working now in relatively simple cases that I
should be
My impression is that stored procedures are much less commonly used
than sending plain strings across the wire to the DB. I don't have any
data for this though, just my impression.
The common way to avoid SQL injections is to use some symbol to
represent a variable to be replaced on the server wit
I like Matthew's blog post for that purpose.
http://blog.racket-lang.org/2011/10/on-eval-in-dynamic-languages-generally.html
Vincent
On Wed, 05 Aug 2015 15:55:56 -0500,
Neil Van Dyke wrote:
>
> On second thought, it's arrogant of me to do a drive-by "don't use eval"
> PSA, if I'm not willing
On second thought, it's arrogant of me to do a drive-by "don't use eval"
PSA, if I'm not willing to support the assertion each time it's questioned.
Or I should have a written argument somewhere that supports my assertion
well enough, that I can point people to it and expect not to have to say
On 04/08/2015 11:54, Neil Van Dyke wrote:
..,
If someone has the time and inclination to develop that, more power to
them.
Until such a volunteer emerges, I think the first step is to have the
Racket documentation strongly discourage people from using eval.
(Second step: go through all the
I agree SQL is an interesting analogy but I draw the opposite
conclusion, if I correctly remember what I did ~5 years ago.
There is an eval-ish way of using SQL, such as forming SQL code out of
strings. This tends to perform slower and is extremely vulnerable to
injection and other unexpected beha
One example of eval being used for extremely practical purposes is with SQL.
Many practical programmers regularly generate SQL strings which are then
passed to a remote server, which are then evaluated. Indeed, all the same sorts
of arguments against eval may be made against SQL:
1. SQL is co
On 04/08/2015 16:34, Alexis King wrote:
And that, I think, is the problem: eval seems a lot like a “one size fits all”
approach to problem solving.
...
We write in high-level languages for a reason. There’s no reason to stunt their
ability to abstract by directly calling eval.
I do unders
8 matches
Mail list logo
