Skip to content
Prev 1328 / 1559 Next
Original Raw

SQL escaping/quoting proposal

NISHIYAMA Tomoaki 
Hi Hadley,

Thanks to bring up this issue and 
I agree in the overall direction and have some minor concerns.

Could you provide a bit more clarification on what the sqlQuoteIdentifier should do?
How shall we deal when a vector of strings is passed?
  Is it right to assume that sqlQuoteIdentifier(drv, c('a', 'b')) should 
  return a vector consisting of quoted results of individual element of the vector?

How do we construct a reference to table with schema, or column with table?
eg schema.table or table.column?
  More specifically, is it right to assume that sqlQuoteIdentifier is used for constructing
  individual part of the composite identifier?

You had a minor mistake in showing the default method (The name is both "sqlQuoteString",
and I am not sure which is intended for sqlQuoteIdentifier).

Another consideration is for the name of the function. Whether we should 
use sql prefix or use db prefix.  I would like to know what others think for this point.
Here, I think we can avoid problem in most cases, but there are still a bit
cases where the encoding does not allow proper conversion.
That's the problem of the database capability, there is not much things that
the driver can do, though.

Thread (7 messages)

Hadley Wickham SQL escaping/quoting proposal Oct 18 Lee Hachadoorian SQL escaping/quoting proposal Oct 18 Hadley Wickham SQL escaping/quoting proposal Oct 18 NISHIYAMA Tomoaki SQL escaping/quoting proposal Oct 18 Paul Gilbert SQL escaping/quoting proposal Oct 19 Hadley Wickham SQL escaping/quoting proposal Oct 19 Hadley Wickham SQL escaping/quoting proposal Oct 22