top | item 43763190 (no title) jimwhite | 10 months ago Yes and your example is the hero case because it isn't just sugar. A t-string implementation for SQL will of course escape the values which is a common security issue.https://xkcd.com/327/ discuss order hn newest hombre_fatal|10 months ago No, a t-string returns a Template which is basically { strings: str[], values: any[] }.So you would write db.execute(template) to turn template t"... where id = {id}" into a parameterized structure like ("... where id = ?", id).
hombre_fatal|10 months ago No, a t-string returns a Template which is basically { strings: str[], values: any[] }.So you would write db.execute(template) to turn template t"... where id = {id}" into a parameterized structure like ("... where id = ?", id).
hombre_fatal|10 months ago
So you would write db.execute(template) to turn template t"... where id = {id}" into a parameterized structure like ("... where id = ?", id).