New ask Hacker News story: Ask HN: Is there is an sqlite3_expanded_SQL()'s equivalent for other DBMS?

Ask HN: Is there is an sqlite3_expanded_SQL()'s equivalent for other DBMS?
3 by lfconsult | 1 comments on Hacker News.
Hi HN, I'm digging around in order to find a way to get back the SQL statement from a compiled statement with bound parameters (avoid SQLi) for others DBMS. I've found - with excitements- that the SQLite C interface have a sqlite3_expanded_sql()* function to get exactly what I needed. As I didn't found anything for SQLServer, I thought - at first - that it was just not possible at all because the SQL statement and parameters were sent separately (or, kind of, maybe the same compiled blob but without any chance to building back the raw SQL statement). For example, the raw SQL statement is : SELECT * FROM Genre WHERE Name = ? The bound parameter is : "Pop" I would like to get back : SELECT * FROM Genre WHERE Name = 'Pop' Maybe it's a profane question but I did spend a lot of time around in order to find what I need. If you ever wonder why I'm asking this question, just for curiosity. In order to know if it's not even thinkable, doable, or just no implemented yet or if it depends of the DBMS or 42. * https://ift.tt/qVKcuQt

Comments

Post a Comment

Popular posts from this blog

New ask Hacker News story: Tell HN: Equifax free credit report dark patterns

Tell HN: Equifax free credit report dark patterns 4 by PopAlongKid | 0 comments on Hacker News. For years, I have been obtaining free annual credit reports (annualcreditreport.com) which must be provided by law. Recently, for the first time, when I tried to obtain my Equifax report, I was prompted for an email address and a mobile phone number, a new requirement that apparently cannot be bypassed. The other two bureaus, and Equifax previously, confirmed identity by asking knowledge based questions. They do not need my phone or email for anything. Next, trying to obtain the report by phone instead of web site per instructions, I got to the point where I entered my ZIP code on the phone keypad, the voice menu system correctly repeated the number back to me, but every time I press 1 to indicate it is correct, the system acts like it got an invalid response and only gives me the option to enter further information by voice, not by the phone keypad. Just as with my phone number and email...
Read more

New ask Hacker News story: Ask HN: Why can't the US government run their own social media?

Ask HN: Why can't the US government run their own social media? 2 by rglullis | 2 comments on Hacker News. With the news yesterday of POTUS joining threads.net and with the fanfare about the possibility of following him from other AP-compatible servers (like Mastodon), I was left wondering why is it that the White House couldn't just run their own services? Doesn't "POTUS is using threads for social media" feel a bit like "POTUS is using outlook.com for email"? Is there anything about the bureaucracy that stops their some small team to setup a Mastodon server on "social.whitehouse.gov" and make this a reality? I find it hard to believe that this would be "if it got hacked it could create diplomacy issues", because I don't think that Facebook is setting up any type of special infrastructure to deal with political figures on their platform. Also, none of this seems to be a problem for some of the EU governments. Maybe I am missin...
Read more