RAA - safequery/4.2006.03.23

safequery / 4.2006.03.23

Short description: Tool to build safe SQL queries easily.
Category: Library/Database
Status: stable
Created: 2005-08-15 15:58:56 GMT
Last update: 2006-03-23 14:59:58 GMT
Owner: Jan Molič
Homepage: http://simplypowerful.1984.cz/safequery/4.2006.03.23/doc
Download: http://simplypowerful.1984.cz/safequery/4.2006.03.23/safequery4.tgz
License: Ruby's
Dependency:
None
Description:
# == Changes
# Version 4 uses pure Ruby instead of a special string query, and is faster and cleaner.
#
# == Description
# Builds safe SQL queries from a data hash.
# You don't have to escape values by hand or iterate over arrays
# to produce dynamic lists anymore. No sql injections. Simple and powerful ;-)
#
# == Usage
#
# 1. Create a data hash.
#       hsh = {
#               :bad_characters => 'very bad characters: !@#$@#%&*\"\' ',
#               :tblname => 'my_foo_table',
#               :mydata => {
#                       :a => 'AAA',
#                       :b => '',
#                       :c => nil,
#                       :d => 'DDD',
#                       :e => false
#               }
#       }
#
# 2. Create a SafeQuery4 instance. FooDB is used because it provides the 'escape' method; you can specify a different method name as the second parameter.
#       sq = SafeQuery4.new( FooDB.new, hsh )
#
# 3. Finally create safe queries!
#
#       puts "Everything is automatically escaped: "
#
#       puts " INSERT INTO #{sq.tblname} ( very_bad_characters ) VALUES ( '#{sq.bad_characters}' ) "
#       => INSERT INTO my_foo_table ( very_bad_characters ) VALUES ( 'very bad characters: !@#$@#%&*\\"\' ' )
#
#       puts "More examples: "
#
#       puts " INSERT INTO #{sq.tblname} (#{sq.keys_of :mydata }) VALUES (#{sq.values_of :mydata }) "
#       => INSERT INTO my_foo_table (c, d, a, e, b) VALUES (null, 'DDD', 'AAA', false, '')
#       puts " SELECT * FROM #{sq.tblname} WHERE #{sq.LIKE_list_of :mydata } "
#       => SELECT * FROM my_foo_table WHERE c LIKE null AND d LIKE 'DDD' AND a LIKE 'AAA' AND not(e) AND b LIKE ''
#       puts " SELECT * FROM #{sq.tblname} WHERE #{sq.LIKE_list_of :mydata, :separator=>'OR' } "
#       => SELECT * FROM my_foo_table WHERE c LIKE null OR d LIKE 'DDD' OR a LIKE 'AAA' OR not(e) OR b LIKE ''
#       puts " UPDATE #{sq.tblname} SET #{sq.pair_list_of :mydata } "
#       => UPDATE my_foo_table SET c=null AND d='DDD' AND a='AAA' AND not(e) AND b=''
#
#       puts "Using except filter: "
#
#       puts " UPDATE #{sq.tblname} SET #{sq.pair_list_of :mydata, :except=>:nil } "
#       => UPDATE my_foo_table SET d='DDD' AND a='AAA' AND not(e) AND b=''
#       puts " INSERT INTO #{sq.tblname} (#{sq.keys_of :mydata, :except=>[:nil, :empty] }) VALUES (#{sq.values_of :mydata, :except=>[:nil, :empty] }) "
#       => INSERT INTO my_foo_table (d, a, e) VALUES ('DDD', 'AAA', false)
#       puts " SELECT * FROM #{sq.tblname} WHERE #{sq.LIKE_list_of :mydata, :except=>[ :false, :nil ] } "
#       => SELECT * FROM my_foo_table WHERE d LIKE 'DDD' AND a LIKE 'AAA' AND b LIKE ''
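
A minimal sketch of the pattern described above, added here as an illustration and not SafeQuery4's own code: values from a data hash are rendered by type (nil as null, booleans bare, strings escaped and quoted), with an :except-style filter. StubDB, MiniSafeQuery and the backslash-style escape are assumptions; a real application should call its database driver's escape routine.

```ruby
# Added illustration, NOT SafeQuery4's source; every name here is hypothetical.
class StubDB
  # Stand-in for a driver's escape method: backslash-escapes \, ' and ".
  # Real code should call the escape routine of the database driver in use.
  def escape(str)
    str.gsub(/[\\'"]/) { |ch| "\\#{ch}" }
  end
end

class MiniSafeQuery
  def initialize(db, data, escape_method = :escape)
    @db, @data, @escape_method = db, data, escape_method
  end

  # Render one Ruby value as a SQL literal according to its type.
  def literal(value)
    case value
    when nil         then 'null'
    when true, false then value.to_s
    when Numeric     then value.to_s
    else "'#{@db.public_send(@escape_method, value.to_s)}'"
    end
  end

  # Drop entries matched by the filter names :nil, :empty and :false.
  def filtered(key, skip)
    @data.fetch(key).reject do |_, v|
      (skip.include?(:nil) && v.nil?) ||
        (skip.include?(:empty) && v == '') ||
        (skip.include?(:false) && v == false)
    end
  end

  # Keys are emitted as-is: they must come from the program, never from input.
  def keys_of(key, except: [])
    filtered(key, Array(except)).keys.join(', ')
  end

  def values_of(key, except: [])
    filtered(key, Array(except)).values.map { |v| literal(v) }.join(', ')
  end
end

MYDATA = { a: 'AAA', b: '', c: nil, d: "D'DD", e: false }.freeze # constructed sample
SQ = MiniSafeQuery.new(StubDB.new, { mydata: MYDATA })
puts "INSERT INTO t (#{SQ.keys_of(:mydata, except: [:nil, :empty])}) " \
     "VALUES (#{SQ.values_of(:mydata, except: [:nil, :empty])})"
```
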
Versions: [4.2006.05.26 (2006-05-26)] [4.2006.04.19 (2006-05-25)] [4.2006.03.23 (2006-03-23)] [4.2006.03.15 (2006-03-15)] [4.2006.03.14 (2006-03-14)] [3.2005.8.28 (2005-08-30)] [2.2005.8.16 (2005-08-16)] [2.2005.8.15 (2005-08-15)] [1.2005.8.8 (2005-08-15)] [2.2005.8.8 (2005-08-15)]
