Comments (10)
Running (conman/bind-connection db "sql/queries.sql")
will rebind the new connection to the queries. However, if you've compiled a jar, the queries.sql
will be loaded relative to the resource path of the jar, not externally.
from conman.
@vinurs asked this same question of HugSQL, where you are able to use a java.io.File
outside of the resource path. Since conman wraps HugSQL's map-of-db-fns
, I initially assumed you could do the same for the specified file. Upon further inspection, though, it looks like conman is expecting a string file path.
from conman.
Ah makes sense, I'll update to allow taking a File
as well.
from conman.
@yogthos thanks very much, in HugSQL, there seems a option
that can prevent SQL injection, but in conman it seems doesn't support it, could you update it?
from conman.
Sure, what option are you referring to specifically?
from conman.
@yogthos this is the option:
By default, identifiers are not quoted. You can specify your desired quoting as an option when defining your functions or as an option when calling your function.
If you are taking identifiers from user input, you should use the :quoting option to properly quote and escape identifiers to prevent SQL injection!
Valid :quoting options are:
:ansi double-quotes: "identifier"
:mysql backticks: `identifier`
:mssql square brackets: [identifier]
:off no quoting (default)
Identifiers containing a period/dot . are split, quoted separately, and then rejoined. This supports myschema.mytable conventions.
(hugsql.core/def-db-fns "path/to/good.sql" {:quoting :ansi})
from conman.
I think that should already work, you can pass an options map as the first argument to bind-connection
, e.g: (bind-connection conn {:quoting :ansi} "path/to/queries.sql")
.
from conman.
@vinurs I pushed out a new version 0.8.0
that supports loading queries from a file object. Unfortunately, this won't work with the bind-connection
macro, so now there's a bind-connection-map
function that returns the map of generated queries and snippets. There are also a couple of helpers to make it easier to work with the map called snip
and query
. Usage looks as follows:
(def queries (bind-connection conn {:quoting :ansi} (java.io.File. "test/queries.sql")))
(query queries
:add-fruit!
{:name "apple"
:appearance "red"
:cost 1
:grade 1})
(query queries
:get-fruit-by
{:by-appearance
(snip queries :by-appearance {:appearance "red"})})
Let me know if this looks good to you.
from conman.
@yogthos thanks very much, i'll try it.
from conman.
Looks like things are working on my end, so I'm going to close this. If anything comes up we can revisit.
from conman.
Related Issues (20)
- Error when AOT compiling HOT 1
- Unable to catch specific sql exception HOT 13
- Dynamic table name HOT 1
- java.lang.ClassCastException: clojure.lang.PersistentArrayMap cannot be cast to java.util.concurrent.Future HOT 10
- Split one query definition file into many smaller ones HOT 2
- is it possible to use component instead of mount?
- Connect To oracle database HOT 10
- From the user namespace how do I reload queries from the REPL? HOT 3
- Weird behaviour when trying to run a test HOT 2
- SQL query debug HOT 2
- Options are not evaluated in bind-connection(-deref) HOT 1
- Clojure docker build fail for lein compile HOT 1
- would it support sharding-jdbc HOT 3
- Support next.jdbc HOT 14
- ClassCastException when doing a request HOT 2
- Failed parsing from JSON after upgrading from 0.8.4 to 0.8.6 HOT 2
- disconnect! does nothing to return value of connect! HOT 7
- Request for support for HugSQL tuple list queries HOT 4
- Java version incompatibility in 0.9.6 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from conman.