New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Parameter placeholder not recognized #40
Comments
@tko Sqlite-simple punts placeholder substitution to the underlying sqlite3 native library. There's no substitution happening on the Haskell side. Thus any placeholder docs you find for sqlite3 should apply for sqlite-simple. I'm not sure if the "like %" case is mentioned explicitly in sqlite3 docs though - this is the main page for bound parameters: http://www.sqlite.org/c3ref/bind_blob.html. I think your use of "||" for concatenation is the right way to go about this. There are some examples of this in SO, e.g. http://stackoverflow.com/questions/1105463/sqlite-binding-within-string-literal. Do you have any specific suggestions on how to document this better in sqlite-simple? E.g., is there something that should be added to https://hackage.haskell.org/package/sqlite-simple-0.4.8.0/docs/Database-SQLite-Simple.html under "Parameter substitution" section? |
I think a simple note on how to deal with the peculiarities of a Further than that I can't help thinking there should be (in haskell side) some helper functions to help manage constructing the queries, in my case turn a list of strings into a list of |
I'll add a note on the '%?' escaping into haddocks. I agree that some types of queries are cumbersome to construct. I've been meaning to add some helpers like this, just not quite sure what specific functions would be needed. Currently sqlite-simple doesn't event provide a function to escape a string (like sqlite3's mprintf). For some types of query construction, I've noticed that named parameters work much better than positional ? params. Using plain positional params when you have a varying number of things to substitute is pretty painful. I've you have examples of things that are causing you pain, please post them here. This will help design better helper functions for these cases. |
My specific example was a combination of like and ands, e.g. turning a user provided query string Not sure about named vs. positional params when it comes to dynamic queries, seems concatenating query strings and arguments in tandem seems simpler than coming up with uniquely named arguments that can not clash. |
I'm trying to run a query that is essentially
select * from t where c like '%?%'
where the?
is provided as argument. However the placeholder isn't recognized and I just get a runtime errorSQL query contains 0 params, but 1 arguments given
instead.It's unclear what the rules about placeholder really are, but it seems to work better when written as
.. like ('%' || ? || '%')
but a somewhat more definitive best practice example would be helpful, one that would also address escaping%
and_
etc. properly that becomes a problem soon after.The text was updated successfully, but these errors were encountered: