[erlang-questions] Mysql Query builder lib in Erlang?
Fred Hebert
mononcqc@REDACTED
Tue Apr 2 14:30:22 CEST 2013
Then I would not advertise it as a way to template SQL. This is
dangerous for any reader who felt the urge to use the whikers.js port to
handle SQL, as there is absolutely no protection against one of the
biggest attack vectors out there.
On 04/02, Dmitry Kolesnikov wrote:
> You are welcome to patch it!!!
>
> as I said this is Erlang port of whiskers.js template library.
> all aspects of SQL injection must be handled before *:render is called.
>
> - Dmitry
>
> On Apr 2, 2013, at 3:00 PM, Loïc Hoguin <essen@REDACTED> wrote:
>
> > mysql:render([{id, "'' or 1=1 --"}]).
> >
> > On 04/02/2013 01:59 PM, Dmitry Kolesnikov wrote:
> >> Hi,
> >>
> >> I've made Erlang port of whiskers.js template library
> >> https://github.com/fogfish/swirl
> >>
> >> as a side effect is become a client-side SQL query template builder,
> >> which I've started to use for my project.
> >>
> >> Here is a small example:
> >>
> >> swirl:c(mysql, "SELECT * FROM Users WHERE id={id}").
> >> mysql:render([{id, "xxx"}]).
> >> "SELECT * FROM Users WHERE id=xxx"
> >>
> >> - Dmitry
> >>
> >>
> >> On Apr 2, 2013, at 2:47 PM, Vineet Naik <naikvin@REDACTED
> >> <mailto:naikvin@REDACTED>> wrote:
> >>
> >>> Hi,
> >>>
> >>> Is there a mysql query builder library for Erlang? On some searching,
> >>> I came across boss_db[1] which is an ORM. While I am open to ORMs and
> >>> planning to give it a try, I would prefer a simple query builder
> >>>
> >>> [1]: https://github.com/evanmiller/boss_db
> >>>
> >>> Regards,
> >>> Vineet
> >>> _______________________________________________
> >>> erlang-questions mailing list
> >>> erlang-questions@REDACTED <mailto:erlang-questions@REDACTED>
> >>> http://erlang.org/mailman/listinfo/erlang-questions
> >>
> >>
> >>
> >> _______________________________________________
> >> erlang-questions mailing list
> >> erlang-questions@REDACTED
> >> http://erlang.org/mailman/listinfo/erlang-questions
> >>
> >
> >
> > --
> > Loïc Hoguin
> > Erlang Cowboy
> > Nine Nines
> > http://ninenines.eu
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
More information about the erlang-questions
mailing list