Database: placeholder for column name

[hrach]

Would be nice to have some placeholder for column (table names). In dibi there is %n modifier. This is really needed for security reasons. Have you any sugestions, what it could be?

Some char combinations? Or appending some letter to ?

---

Example what people do and they do it bad:

$updateStatement[$key] = "VALUES($key)";

Bad proposed solution

$updateStatement[$key] = new Nette\Database\SqlLiteral("VALUES($key)");

Current correct solution

$delimitedKey = $context->connection->supplementalDriver->delimite($key);
$updateStatement[$key] = $context::literal('VALUES(' . $delimitedKey . ')');

Possible solution after implementing this:

$updateStatement[$key] = $context::literal('VALUES(?n)', $key);

[JanTvrdik]

👍 I miss this feature even though I don't use NDB.