Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

'In' arguments are not supported #6

Open
nurpax opened this issue Aug 12, 2012 · 9 comments
Open

'In' arguments are not supported #6

nurpax opened this issue Aug 12, 2012 · 9 comments
Labels
enhancement

Comments

@nurpax
Copy link
Owner

nurpax commented Aug 12, 2012

SQL parameter expansion for cases like

select * from whatever where id in ?" (In [3,4,5])

is not currently supported.

The reason being that it's not easily (or at all?) supported by sqlite3's prepared statement bound parameters.

To support this, would need to bring back query string parsing and string substitution.

Filing this bug about this missing feature in the hope that someone has an idea how to get this working with bound params.
@chshersh
Copy link

@nurpax Any news on this? Is it possible to implement something similar to what is done for postgresql-simple?

Ideally with support for named parameters as well.

@nurpax
Copy link
Owner Author

nurpax commented Jul 27, 2018

No news. The original bug description still stands. IN would require parsing the sql statement and generating a new one. I’m unwilling to do that as the current implementation just passes the original query string down to sqlite. This is very robust as sqlite does all the hardwork.

Sent with GitHawk

@cjduncana
Copy link

Any news on this front?

@aryairani
Copy link

aryairani commented Jul 4, 2020
edited
Loading

Is the fastest way to achieve the lookup in the example to run the query three times for each of [3,4,5]?
Or is there a better/faster workaround; e.g. constructing the Query manually with string concatenation?

P.S. Thanks for this library.

@eyeinsky
Copy link

@aryairani If you're meaning runtime speed then string-splicing might be the easier thing to do (albeit it being less safe).

@eyeinsky
Copy link

@nurpax Where do you go looking for whether sqlite has grown support for the in query for prepared statements? 2012 was a long time ago :).

@nurpax
Copy link
Owner Author

nurpax commented Mar 24, 2023
edited
Loading

You think I've changed my mind about this? :) (I still think the original position is the right thing, albeit annoying from a user's point of view. But it's very bug-free and secure thing to do.)

But you'll have to ask the current maintainers for their opinion. I've stopped working on this library (and in general, do very little if any Haskell.)

@eyeinsky
Copy link

@nurpax No. :) The question I was trying to ask was that whether sqlite's prepared statements had added support for in query (such that they could be passed to it like for the other query types), and where would one go looking to find out if such support was added.

I do agree that it's much simpler to have sqlite itself parse the query templates, its params and then merge them (if I understood the issue right).

@nurpax
Copy link
Owner Author

nurpax commented Mar 26, 2023

I guess you'd have to look into sqlite's C API to see if there are any new features related to this. Also worth looking if any other other SQL bindings (for any language) or ORM libraries have some certain ways of dealing with IN args.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@nurpax @aryairani @cjduncana @chshersh @eyeinsky