Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expand docs on Raw SQL Queries #1124

Merged
merged 5 commits into from Oct 10, 2021
Merged

Expand docs on Raw SQL Queries #1124

merged 5 commits into from Oct 10, 2021

Conversation

amitaibu
Copy link
Collaborator

@amitaibu amitaibu commented Oct 9, 2021

Took me a while to figure how to do it, so might help others/ future me 馃樃

amitaibu
amitaibu commented Oct 9, 2021
View reviewed changes
Guide/database.markdown Outdated Show resolved Hide resolved
amitaibu
amitaibu commented Oct 9, 2021
View reviewed changes
Guide/database.markdown Outdated Show resolved Hide resolved
mpscholten
mpscholten reviewed Oct 10, 2021
View reviewed changes
Copy link
Member

@mpscholten mpscholten left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks :) Good addition!

Guide/database.markdown Outdated Show resolved Hide resolved
Guide/database.markdown Outdated Show resolved Hide resolved
Guide/database.markdown Outdated Show resolved Hide resolved
Guide/database.markdown Outdated Show resolved Hide resolved
amitaibu and others added 2 commits October 10, 2021 11:19
@amitaibu @mpscholten
Apply suggestions from code review
54619b5 
Co-authored-by: Marc Scholten <marcphilipscholten@gmail.com>
@amitaibu
Update database.markdown
dae45eb
amitaibu
amitaibu commented Oct 10, 2021
View reviewed changes
Guide/database.markdown
-- Get all Projects
let table :: Text = "projects"
-- Use PG.Identifier to prevent SQL injection
result :: [Project] <- sqlQuery "SELECT * FROM ?" [PG.Identifier table]
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you wanted to do SELECT * FROM ? WHERE id = ? how do you pass the params?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then I'd do it like this:

let id :: Id Project = ".."
result :: [Project] <- sqlQuery "SELECT * FROM ? WHERE id = ?" (PG.Identifier table, id)

amitaibu
amitaibu commented Oct 10, 2021
View reviewed changes
Guide/database.markdown
do
-- Get all Projects
let table :: Text = "projects"
-- Use PG.Identifier to prevent SQL injection
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a note about SQL injection

mpscholten
mpscholten approved these changes Oct 10, 2021
View reviewed changes
Copy link
Member

@mpscholten mpscholten left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 馃憤 good job

@mpscholten mpscholten merged commit eb57fac into digitallyinduced:master Oct 10, 2021
@amitaibu amitaibu deleted the patch-2 branch October 10, 2021 10:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mpscholten mpscholten mpscholten approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@amitaibu @mpscholten